The Deputy Prime Minister yesterday conceded that the Bahamas “continues to fall too far down the scale”, after this nation was ranked 129th out of 164 countries for its commitment and effectiveness in fighting cyber crime.
K P Turnquest acknowledged that the Bahamas’ ranking in the bottom third of the Global Cybersecurity Index (GCI), published by the International Telecommunications Union (ITU), could “undermine” the financial services industry and this nation’s desire to expand its information technology (IT) capabilities.
Of the 25 indicators on which countries were rated, the Bahamas scored highly on just two – cybercriminal legislation and its participation in efforts to combat the problem globally.
This resulted in the GCI placing the Bahamas among 96 nations said to be in the “initiating stage”, meaning that they have just “started to make commitments in cybersecurity”.
The GCI placed the Bahamas below ‘economic powerhouses’ such as Gabon, Nauru, Sierra Leone, Liberia and Niger when it came to the commitment, strength and effectiveness of cybersecurity systems, agencies and supporting legislation.
The Bahamas’ 129th ranking is also lower than the 121st spot it currently occupies in the World Bank’s ‘ease of doing’ business rankings. On a regional basis, this nation was placed below Jamaica, the leader, who came in at 85th spot, and the likes of Barbados, St Vincent and the Dominican Republic. It did, though, finish ahead of Trinidad & Tobago.
“How did we get there,” Mr Turnquest asked, when Tribune Business disclosed the Bahamas’ GCI ranking. The survey was conducted by an international regulatory body, the ITU, whose members just held their annual conference in the Bahamas.
The Deputy Prime Minister said the Government needed to better understand the basis for the Bahamas’ ranking by the ITU’s GCI, but admitted: “In all these rankings we continue to fall too far down the scale.
“There’s some things we have to do, not only to be more secure, but put in place the required protocols to give actual and perceived security, as well as improve the overall ease of doing business.
“We have to address them as priority to recover our standing, but this particular issue comes as a bit of a surprise as I’m not sure what the basis of it is. As we look at it, we’ll see what we have to do to respond.”
Mr Turnquest said that while the Bahamas’ rankings in international indices were often “subjective”, the Government was aware that international investor perceptions of this nation could be easily influenced by them.
And, given the Bahamas’ reliance on financial services and other data-based industries, plus its hopes for further economic diversification via IT, the GCI index ranking could be particularly damaging.
“It’s absolutely critical that we have very effective and proactive cyber security measures,” Mr Turnquest told Tribune Business. “If we are perceived to be weak in the area of data protection and transaction protection, it does have the potential to undermine our financial services industry.”
The Deputy Prime Minister suggested that the Bahamas’ GCI ranking was likely based “more in theory than in fact”, but acknowledged that perception was everything.
“We’ll need to address it,” he told Tribune Business. “We have to get facts. Certainly, to the extent there are perceived weaknesses, we’ll have to do what is necessary to ensure we negate it.”
With IT now an essential part of commerce, Brahima Sanou, the ITU’s telecommunications bureau director, emphasised why the growing cyber criminal threat meant awareness and security measures were essential.
“In 2016, nearly 1 per cent of all e-mails sent were essentially malicious attacks, the highest rate in recent years,” he wrote in the GCI report. “Ransomware attacks increasingly affected businesses and consumers, with indiscriminate campaigns pushing out massive volumes of malicious e-mails.
“Attackers are demanding more and more from victims, with the average ransom demand rising to over $1,000 in 2016, up from approximately $300 a year earlier. In May 2017, a massive cyber attack caused major disruptions to companies and hospitals in over 150 countries, prompting a call for greater co-operation around the world.”
Bahamians, and local businesses, have also become increasingly familiar with hackers and the senders of malware, adware, spyware and various forms of computer viruses. The Clearing Banks Association (CBA) has recently taken out a series of advertisements to warn Bahamians about the threats from ‘phishing’ e-mails and other tactics designed to obtain their bank account details.
Stephen Bereaux, the Utilities Regulation and Competition Authority’s (URCA) chief executive, yesterday said the regulator was not responsible for cybersecurity in the Bahamas, and did not provide any data in response to the survey the ITU issued for the GCI index rankings.
He added, though, that based on talks at last week’s ITU conference in the Bahamas he was “confident a number of things are going on” to protect the Bahamas against cyber criminals.
“There were a number of discussions last week on cybersecurity and the impact on the financial services sector in the Bahamas,” Mr Bereaux told Tribune Business.
“Clearly, cybersecurity is an issue for any country, but that said, based on the discussions at the conference, a lot of effort is going on in the country to ensure the issue is addressed.”
Mr Bereaux said care had to be taken in interpreting indices such as the GCI, because they sometimes did not reflect what was taking place in a particular country.”