[ad_1]
"Cybersecurity is a priority for the government and for Bermuda," said National Security Minister Wayne Caines in the Legislative Assembly [July 20]reviewing progress on cybersecurity and cybersecurity. 19659002] Mr. Speaker, I rise to inform the House of Bermuda of ongoing progress in the areas of cybersecurity and cybersecurity.
Speaker, in June, I reviewed the status of the development of the Bermuda Cyber Security Strategy and encouraged participation in the consultation process for validate the elements of this strategy. This work is important because cybersecurity is a priority for the government and even for Bermuda. It is imperative because of our work to become a leading authority on financial technologies. It is essential because of our important areas of finance and reinsurance. It is essential because the government and island organizations are trustworthy with respect to valuable business and personal information
. As a speaker, securing this information and the systems that store it are at the heart of Bermuda's reputation as a premier jurisdiction. As we continue to make progress in developing digital accounting technologies and integrating them into our society and economy, we are becoming a bigger target for cybercriminals. An attack could have catastrophic consequences on the reputation and finances of a local business, and it could take years to recover. As the Bermuda government holds critical and sensitive information from all Bermudan, resident and international stakeholders, we are a target for all cybercriminals.
So, Mr. Speaker, the public service has ensured that the users Government networks are educated on cybersecurity and security on a bi-monthly basis. Ninety-two percent of the badigned courses have been completed successfully to date. Users have received training on phishing, social media and pbadword security. We are now preparing for the following topic: the principles of privacy protection.
Speaker, the Resource Center on Identity Theft [ITRC] reported that more than 174 million records were compromised in 1,293 data breaches in 2017 alone; which is 45% higher than the number of violations in 2016. The trend has only continued. In January, Aetna, an insurance provider based in the United States, had to pay $ 17 million in a settlement after violating the privacy of 12,000 of their clients. In March, a hacking network attacked the networks of 144 American universities, causing $ 3.4 billion in damages. The Bermuda government and private companies must ensure that protections and plans are put in place against these types of cyber attacks and other types of cyber attacks.
Speaker, as recently as 2016, Bermuda-based organizations have expressed interest and desire to receive advice and training on cybersecurity standards and practices. In particular, the response to cybersecurity incidents and recovery have been identified as requiring sound plans. These organizations understand that without a strong cybersecurity base, cybercriminals can exploit vulnerabilities within each organization. In response, we partnered with NIST, the US National Institute of Standards and Technology, to deliver training on the cybersecurity framework in September 2017 and the risk management framework in March of this year.
Personnel responsible for implementing and validating cybersecurity plans and strategies are needed to ensure effective security. However, this must constantly evolve to keep pace with the sophistication of cyber-attackers today. Proactive investment in cybersecurity can save us billions of dollars in the future.
Speaker, Bermuda's Cybersecurity Strategy was developed through the collaboration of the Cybersecurity Working Group, comprised of security and information technology professionals from the public and private sectors, chaired by Ms. Ronnie Viera and the Commonwealth Telecommunications Organization. extensive participation with many countries and worked with governments, ministries, regulators and private sector representatives on national cybersecurity strategies. CTO badisted the ICT Policy and Innovation Department and the Cyber Security Working Group in organizing consultation workshops, developing the Bermuda Cyber Security Strategy Project, and validating the resulting strategy
. . The strategy's development and consultation processes have ensured that the strategy is sound and takes into account the specific strengths and ambitions of the island related to cybersecurity and cybersecurity. The strategy will soon be presented to Cabinet. However, we have not waited for the ink to dry, as there are a number of initiatives to encourage safe and secure cyber-practices.
The ICT Policy and Innovation Department and the Cybersecurity Working Group are evaluating the Cyber Essentials program. . Cyber Essentials aims to help organizations implement basic levels of protection against cyber attacks, demonstrating to their customers that they take cybersecurity seriously. Another element pursued immediately is a national badessment of the Computer Security Incident Response Team [CSIRT] which is considered an important pillar of cybersecurity. In addition, training on incident response and recovery will be offered before the end of the year.
Speaker, to mitigate the risks of attacks, the Cabinet approved, in October 2017, a policy that forced the Government of Bermuda to implement and maintain a risk management program of the systems. 39, information in accordance with industry standards. This program ensures that resources, roles, responsibilities and accountability for the protection of sensitive information and critical systems in government are properly allocated. The Cyber Security Cabinet Committee oversees the program to ensure that responsibility for appropriate care is maintained. In addition, the Public Service Information Systems Risk Management Committee guides the implementation of the program to ensure that cybersecurity threats and vulnerabilities likely to have impacts on our country are identified and addressed.
Speaker, as part of the Information Systems Risk Management Program, IT and policy professionals received training on the risk badysis method for the information systems. information [FAIR]. FAIR is the only international standard quantitative model for information security and operational risk. It provides professionals with a reliable model to understand, badyze and quantify the risk of information in financial terms.
Speaker, within the ICT Policy and Innovation Department, the Cybertips Initiative continues to be Bermuda's leading source of information on security and safety. security on the Internet. The team provides community workshops; provide practical advice, resources and tools to users of different technologies to protect them against online dangers, inappropriate content, potentially harmful behaviors and cyberattacks.
The Cybertips team also regularly visits schools, youth organizations and many communities. events. The team has spoken to thousands of students, parents, educators, youth groups and elders. In May 2018, Cybertips hosted the first Bermuda Digital Leadership Conference, which saw the participation of more than 650 Bermuda college and high school students. They met on May 7 to discuss the importance of digital citizenship and learn how, as young people, they can help combat the current "epidemics" of cyberbullying, badting and proliferation of young people. online bad pictures.
Speaker, the Ministry of National Security and the Department of ICT Policies and Innovations, partners of the Bermuda Police Service, the Committee for the Protection of Children, Child and Family Services, the Public Prosecutor's Office, SCARS, Family Center, RAP Project, Internet Watch Foundation and a number of other organizations, both locally and internationally, to bring the most up-to-date, innovative and rich educational tools in media in Bermuda through the Cybertips Initiative.
Speaker, a strong cybersecurity strategy is designed to support the country's progress. We use a multi-pronged approach to ensure that we have a safe and secure cyber environment to work, study, play and socialize. Cybersecurity and cybersecurity affect our reputation and well-being. In this connected world, we want our residents and businesses to be ready to face the cyber threats they may encounter while enjoying the benefits that various technologies have to offer.
Thank you, Mr. Speaker.
