…during Cybersecurity Awareness Month
AS Cybersecurity Awareness Month unfolds, the National Data Management Authority (NDMA) is taking proactive measures to empower organisations and individuals with the knowledge and tools needed to secure their digital data.
Director of Cybersecurity, Muriana McPherson-Lam, told the Sunday Chronicle that the NDMA is leading the charge in bolstering cybersecurity awareness and readiness. She outlined a series of initiatives aimed at educating citizens on the importance of cybersecurity.
“Every October is recognised and celebrated as cybersecurity awareness month globally [and] it is important for businesses to recognise the importance of keeping their information secure and ensuring that their employees know how to do so,” McPherson-Lam said.
She added, “We plan to have training for heads of public sector ministries and agencies…this training is aimed at raising the awareness about cybersecurity risks at a high level and encouraging the heads to ensure that they have mechanisms in place to safeguard the organisation’s ICT assets.”
The Cybersecurity Director stated that the NDMA recognises the need for public sector employees to be well-informed about cybersecurity. As such, they are conducting a series of training initiatives, both in-person and virtual, to raise awareness among public sector employees. The goal is to empower them to practice safe online behaviours as well as to recognise and avoid potential threats.
“Hence, the purpose of this training is to more or less help participants realise the need to adopt good online habits. For example, we want people to be able to recognize the different emails that they receive, to know which are phishing and which are not, as well as to recognise the social engineering tactics that cyber criminals may use to compromises devices and to steal personal information, and for person to avoid taking the bait.”
One of the key areas emphasised by McPherson-Lam is the importance of using strong, unique passwords for different online accounts.
“For example, the password you use to access your computer should not be the same password you use for your email because, for example, if one password is compromised and you use the same password for all platforms, then everything that you have access to can become compromised.”
Recognising the importance of cybersecurity in education, the NDMA plans to visit 12 schools across Regions Two, Three, Four, Five, Six and 10. These visits will include cybersecurity awareness sessions to educate students and educators on safe online practices.
“We want schools to practice safe cyber hygiene,” she said.
To further assist businesses and individuals, the NDMA has a getsafeonline.gy website in collaboration with Get Safe Online. This website offers valuable information and guidance on protecting digital information. It also includes a “Check a Website” tool to verify the authenticity of websites before visiting them.
As the NDMA plays a crucial role in securing public sector entities in Guyana, they employ 24/7 network traffic monitoring to detect potential cyber threats and would reach out to agencies if malware is detected. They provide guidance and support to restore operations and strengthen cybersecurity measures. The NDMA also conducts cyber risk assessments aimed at strengthening the cybersecurity posture of public sector agencies.
“When a cyber-attack occurs, an organization must be able to respond promptly to contain the impact on the organisation’s critical services and infrastructure, its customers, employees, and its reputation. It is therefore important for organisations to adequately prepare for, to detect, and to remediate cyber-attacks. One important defence mechanism is to ensure that all devices used have licensed anti-malware solution deployed and configured to automatically detect the presence of malware.
“The second thing is that performing data backups is crucial to ensuring business continuity in an organisation since it aids in the recovery process after unfavourable circumstances such as hardware failure, malware infection, cyber-attacks, power failure and disasters. It is therefore important to ensure that organisations have adequate data backup and recovery plans in place to ensure that mission-critical data, systems, databases, and other information technologies are securely backed up to minimise operation disruptions and to recover as quickly as possible in the event of an incident,” McPherson-Lam contended.
She went on to mention, “Other good practices include ensuring that software installed on end-user and network devices receive vendor supplied software updates and patches on a frequent basis and that such updates are tested prior to deployment.”
She also underscored the role of ICTs as a key pillar for economic and social development. She explained that Guyana’s critical information infrastructure, which includes but is not limited to the provision of electricity, telecommunications, and banking services, is vital for an economy’s smooth operation as cyberattacks on such infrastructure can have far-reaching consequences.
“From an economic standpoint, it is important to ensure that Guyana’s critical information infrastructure is fully protected from any ensuing cyberattack. Further, identified mechanisms to protect the critical information infrastructure must be in place. If at any point in time, there is a cyber-attack on critical information infrastructure, there must be a planned response to deal with such so that we can minimize any negative impact and any long-term effect it may have on the citizens or businesses who depend on the related services provided by the critical information infrastructure,” she noted.
In closing, she emphasised that in keeping with the global cybersecurity awareness month theme, “It is crucial that we implement prudent mechanisms to ‘Secure our World’ one citizen at a time.”
