The news that a huge car scam sale involving millions of dollars where Government Minister Daryl Vaz’s name and image was employed to entice victims, places importance on a greater need for cybersecurity in Jamaica.

While there is talk of entering the digital age and becoming a part of the third era of the industrial revolution, what is transpiring in Jamaica is the ease by which criminals can exploit lax cybersecurity measures.

Vaz has a reputation of getting things done and facilitating business opportunities for both local and international investors.

However this does not mean that his name and reputation can and should be readily exploited by opportunistic criminals.

In this instance, a young man using modern technological communication methods – i.e., instant messaging and cell phone calls – hoodwinked people into believing Daryl Vaz was both part of and encouraged people to purchase vehicles. The criminal enterprise used the minister in its shady scheme.

Vaz made it clear that he was not part of this sophistry and deception, posting on social media : “Once again, unscrupulous persons are using my good name to extort and scam people in relation to all sorts of methods in relation to the sale of vehicles and all different sorts of things.

“I want to make it abundantly clear that, since 2007, when I was first elected as a member of parliament and named a minister of government, I ceased doing business in the motor vehicle trade.”

This is not the first time a high profile government minister’s name has been used via digital technology to defraud and scam people. It has also happened with Peter Bunting as minister of national security.

In more recent times there has been a growing prevalence of cybercrimes. There is the proliferation of lottery scams, particularly in Montego Bay, St James. More recently there was an NCB bank manager Andrea Gordon who was convicted and will be serving 7.5 years in jail for illegally transferring millions of dollars from accounts, breaching her duty of trust.

Cyber criminals are getting bolder in Jamaica and there is a need to put more robust cyber security measures in place. It will be difficult to proclaim a greater reliance on digital technology if these acts are becoming more prevalent.

This is a major cause for concern around the Government’s efforts to push forward its National Identification System (NIDS) programme, with some people fearing that personal details could get into the hands of those with nefarious intentions- as took place in the Daryl Vaz case.

Back in 2017, accounting giant PricewaterhouseCoopers (PWC) drew attention to the under reporting of cyber incidents when assessing cybersecurity in Jamaica and the Caribbean.

It noted the lax cybersecurity risk management that prevails and not a lot has changed from four years ago.

Speaking at a BizTech conference hosted by the Jamaica Computer Society, Hugh Thompson, a director of PWC’s Jamaica Risk Assurance asked:

1. Do we have the information we need to oversee cyber risks?

2. How effective is our cybersecurity strategy at addressing the risks the business faces? Is the company investing in safeguards to better defend against evolving threats?

3. How do we protect sensitive information handled, stored and transmitted by third-party vendors?

4. Do we have cyber insurance?

5. Do we have the right data governance strategy to minimise our exposure?

6. How do we stay current on the threat landscape around the industry and market?

7. Do we have a tested cyber incident response plan?

Only last month, Vaz, the minister of science, energy and technology, drew attention to this problem and the need to review the Cybercrimes Act of 2015.

Vaz spoke of “the fundamental importance of Jamaica having a strong legislative framework that addresses current cybersecurity realities and potential future development that might occur”.

Being a victim himself, the issue has particular pertinence.

Vaz is acutely aware that the government must make greater efforts with cybersecurity.

Here he said: “As a ministry we are improving our capacity to respond to cyberattacks in the public service. This is extremely important given the move to e-government, e-participation and, most important of all, a National Identification System.”