NIST Updates Security and Privacy Control Assessment Procedures
The National Institute of Standards and Technology (NIST) has published an update to its SP 800-53A standard, “Assessing Security and Privacy Controls in Information Systems and Organizations.” The publication provides a methodology and set of procedures for conducting assessments of security and privacy controls employed within systems and organizations within an effective risk management framework. The assessment procedures, executed at various phases of the system development life cycle, are consistent with the security and privacy controls in NIST Special Publication 800-53, Revision 5. The SP 800-53A assessment procedures are flexible, provide a framework and starting point for control assessments, and can be tailored to the needs of organizations and assessors. SP 800-53A facilitates security and privacy control assessments conducted within an effective risk management framework. The revision includes new assessment procedures that address newly added and updated privacy and supply chain risk management controls in SP 800-53 Revision 5. SP…
IDB Caribbean Quarterly Bulletin – Q3 2021
The Inter-American Development Bank (IDB) has released its Q3 2021 Caribbean Quarterly Bulletin focusing on the evolving economic and human consequences of the ongoing COVID-19 outbreak for countries in the Caribbean region. For Barbados, the report outlines the following regarding Digital Infrastructure: Barbados requires an estimated investment of US$10.6 million to close the digital infrastructure gap The gap for mobile broadband amounts to US$10.3 million, while the gap for fixed broadband is less significant at US$286,163. Closing this gap is crucial to increase employment and contribute to sustainable economic growth. Barbados is making good progress in its digital transformation of public sector administration and in improving service quality. The IDB – supported project aims to achieve (1) greater use of digit al channels by individuals and companies to access public services; (2) greater efficiency in public sector administration; and (3) strengthened public sector skills to operate in a digital economy.…
Voters List Disclosure Data Privacy Concerns
On December 29th, 2021, a preliminary list of all eligible voters in Barbados was posted on the Barbados Government Information Service (GIS) website. The list included the surname, first & middle names, national registration number (NRN), gender, date of birth, residential status, constituency, polling station and address of over 264,000 individuals. The 5,520 paged Adobe PDF document could be downloaded by anyone with access to the internet, and not just Barbadian citizens and residents. The list was made public ahead of the general elections on January 19th, 2022. Section 18(1) of the Representation of the People Act of 1991 allows for 16 days within which changes to the preliminary list of eligible voters may be made before an election. Changes to the preliminary list may be made up twenty-one (21) days after an election date is declared, after which a final register for elections will be created. The Act further…
8 pitfalls that undermine security program success
Niel Harper, CISO for the United Nations Office for Project Services (UNOPS) and a board member with the IT governance association ISACA sat down with CSO Online to discuss some of the obstacles that can impede the success of security programs. He talked about executive apathy, risk management, and the over-dependence on compliance audits. Read the article on csoonline.com
Digital Readiness in the Caribbean
Frazer Lindsay, PwC’s Caribbean CEO has highlighted the needed to boost workforce productivity to improve customer experience. He also states that digital transformation is now competitively critical for businesses here in the Caribbean. Additionally, he highlighted the need to invest in new technology by upskilling their workforce, instilling an innovative mindset within their organisations. Some emerging technologies the Caribbean are encouraged to embrace include: Artificial Intelligence Internet of Things Robotic Process Automation Drones Blockchain Augmented Reality Virtual Reality 3D Printing Read more about the survey here and the original article from Barbados Today here.
Data Privacy Day 2021
January 28th is celebrated internationally as Data Privacy Day, when security and privacy professionals push data privacy. While not officially recognised by our government as yet, our chapter recognises its importance. Data privacy is at the heart of protecting citizens in today’s world where the internet is considered a right, and where social media, smartphones, email and IM are an integral part of our lives. In recognition of the Data Privacy Day 2021, we’ve published an article in the Barbados Today news paper. You can read the article here.