Delroy McLean, senior director at Cable and Wireless (C&W) Communications, has urged businesses to use artificial intelligence (AI) to defend against cyber threats.

McLean stressed that AI can help companies develop robust policies to assist in strengthening their cybersecurity protocols.

“AI facilitates the consolidation of organisational data in a structured manner, unveiling patterns and aiding in operational understanding and crucially, enabling real-time detection and response to cyber threats,” McLean asserts.

The senior director made the remarks during a panel discussion sponsored by C&W Business focused on the ‘shifting sands of data privacy and security’.

He further noted that organisational policies and the culture of the organisation are also key determinants of a company’s ability to withstand cyber-attacks.

“Culture wins every time. Updated policies, widespread awareness, frequent training, and fostering a positive attitude towards online safety are integral steps in safeguarding against cyber threats,” McLean said.

Backing his claim was Mick Baccio, global security advisor at Splunk, who added that it is important to involve all relevant departments in a company’s cybersecurity response plan.

“Human resources, legal, and the communications team must be part of the response plan for it to be effective. Tabletop exercises simulating cyber attacks involving these departments are crucial in preparing for real-life scenarios,” Baccio added.

Aditi Joshi, AI programme lead at Google Cloud, emphasises the importance of conducting a post-mortem analysis after tabletop exercises. He noted that this critical step allows companies to comprehensively assess and document the effectiveness of their approach, identifying both successful strategies and areas for improvement in dealing with the simulated scenarios.

“It’s important that in the post-mortem, you emphasize that the aim is not to figure out who is at fault but rather to uncover areas for improvement. Once you figure that out, it’s critical that you implement those key learnings in your next exercise and that your policies are updated to reflect these discoveries so that you improve your breach response incrementally,” Joshi shared.

McLean also emphasised the susceptibility of users as the most vulnerable aspect of a company’s network. He underscored the crucial need for consistent cybersecurity awareness training, particularly in light of the prevalent role of social engineering in ransomware breaches across the Caribbean.

“The basics of human interaction with technology are just as important as policies in addressing cybersecurity challenges. Learning from reported attacks and engaging staff effectively reduces the risk of such incidents,” McLean explained.

The panel discussion, moderated by Lisa Godwin, a creative technologist at the New York Times, received positive feedback from a diverse audience of over 300 technological experts, government officials, entrepreneurs, and financiers across the Caribbean and North America.