“The consequences of a cyberattack can be devastating”
GEORGETOWN— Guyana’s businesses are facing an unprecedented wave of cyber threats, and the regional statistics paint a terrifying picture of the challenges ahead.
According to recent reports in the Jamaica Gleaner, Latin America and the Caribbean saw over 63 billion attempted cyberattacks during the first six months of 2024. Other sobering statistics reveal that 71% of ransomware attacks in the region targeted small businesses, with ransom demands ranging from thousands to millions of dollars. A staggering 68% of regional small businesses reported experiencing malware attacks in the past year, leading to data loss and reputational damage. Furthermore, insider threats accounted for about 44% of security incidents in the Caribbean.
Currently, the International Telecommunications Union (ITU) ranks Guyana as Tier 4 (“Evolving”) on its Global Cybersecurity Index. This level means that Guyana has shown a basic commitment to cybersecurity through actions taken by the government. These actions include evaluating, setting up, or implementing generally accepted cybersecurity measures across a number of pillars or indicators.
Yet, Guyanese companies—many of them small and midsized enterprises—are in the crosshairs due to their limited resources and comparatively little cybersecurity awareness. They often remain unaware of their vulnerabilities and are easy targets for attackers.
Many times, businesses view information security and cybersecurity as merely an expense rather than an investment, leading them to believe they are not essential to the company’s growth. A common misconception among Guyanese businesses is that they require expensive, sophisticated IT security systems, which is not always the case. Most of the time, a good understanding of the company’s critical processes, IT systems and data, can drive a simple fit-for-risk and fit-for-purpose security strategy, which can include low cost, incremental changes to IT controls and behavior that can mitigate many cybersecurity risks.
The consequences of a cyberattack can be devastating. Businesses often do not have the cash flow to recover from an attack, with many forced to close down after a severe breach. Across the Caribbean, the average cost of a data breach for a midsized company exceeds USD 100,000, a figure that could spell financial ruin for the majority of Guyanese enterprises.
Protecting information systems, data, and other technologies does not have to be intimidating. Implementing basic defenses can stave off attacks. These defenses can include cybersecurity education and awareness training, multi-factor authentication, frequently updating software to cover known vulnerabilities, installing antivirus, and having a basic incident response plan.
There is no question—Guyana’s businesses are facing an uphill battle against cybersecurity threats. Without taking steps to bolster their defenses, many could find themselves outmatched and out of business in the new digital age.
Contact: heather@cybrilliant.org
