Regional panel discusses how Business Leaders can become AI Risk ready; Junior Gilpin, Director of Education, ISC2 Caribbean Chapter, Rick Stanford-Logan, TTCSIRT and David Gittens, moderated by Jason Abraham. An excerpt from 800 TECH’s 3rd Annual Cybersecurity Webinar 2025.
As artificial intelligence (AI) transforms industries worldwide, Caribbean businesses are navigating new frontiers of opportunity and risk. At 800 TECH’s 3rd Annual Cybersecurity Webinar, industry leaders from across the region joined forces to discuss one critical question:
How can organizations move from AI awareness to true AI risk readiness?
This year’s distinguished panel featured:
- David Gittens (Barbados) – Independent cybersecurity consultant and Commonwealth Caribbean Cybersecurity Fellow, recognized for his work on Barbados’ first national cybersecurity strategy.
- Rick Logan-Stanford (Trinidad & Tobago) – Cybersecurity specialist at TT-CSIRT, with over 13 years of experience in digital forensics, incident response, and cyber law.
- Junior Gilpin (Jamaica) – Cybersecurity Engineer at 800 TECH and Director of Education for the ISC2 Caribbean Chapter, specializing in governance, risk, and AI compliance.
Moderated by Jason Abraham, the discussion explored the region’s readiness to govern, secure, and ethically integrate AI technologies into business operations.
AI Brings Promise and New Risk in the Caribbean
Moderator Jason Abraham opened the session by noting that AI is now woven into nearly every aspect of business life from automation to analytics. While it brings efficiency and innovation, it also introduces complex risks related to data leakage, misinformation, and security vulnerabilities.
David Gittens emphasized the importance of establishing AI governance strategies within organizations. He warned that many employees already use generative AI tools informally creating “shadow AI” often without understanding the data exposure risks.
“Your employees are using AI even if you don’t know it,” Gittens said. “The first thing you need is a strategy and a policy that defines what can and cannot go into these tools.”
He advised Caribbean companies to adopt frameworks such as ISO 27001 or the NIST AI Risk Management Framework to manage compliance, data privacy, and ethical use.
Small Businesses: The Overlooked Risk Zone
Junior Gilpin highlighted that small and medium-sized enterprises (SMEs) are often the most vulnerable.
“Many businesses think they’re too small to be hacked,” he said. “Then they call us two weeks later with a ransomware attack.”
Gilpin stressed that SMEs must identify their digital assets, select secure AI tools, and seek professional cybersecurity guidance early on. He also underscored the importance of leadership involvement: without executive buy-in, security programs often fail.
“Security culture starts at the top,” he added. “If leadership doesn’t set the tone, the organization won’t follow.”
AI as a Tool and a Weapon
From his vantage point at TT-CSIRT, Rick Logan-Stanford shared how cybercriminals now weaponize AI to execute more advanced attacks, including AI-generated malware, ransomware, and social engineering schemes.
“As we use AI to make our work easier, attackers are using it to make their attacks more sophisticated,” he explained.
He urged organizations to focus on cyber hygiene, awareness training, and layered defense mechanisms such as multi-factor authentication, zero-trust frameworks, and regular risk assessments.
“Every device, from your smartphone to your smart TV, is part of the cyber ecosystem,” he said. “Cybersecurity is no longer an IT problem it’s everyone’s problem.”
The Way Forward: Governance, Culture & Collaboration
The panel agreed that Caribbean organizations must treat cybersecurity as a strategic investment, not a technical expense. This means embedding risk management into governance structures, promoting employee awareness, and fostering regional collaboration to combat emerging threats.
David Gittens summarized it best:
“Doing IT governance right is not easy or cheap. But if you want your organization to survive, especially in terms of reputational damage and lawsuits, you have to do it right.”
The conversation concluded with a powerful reminder: data is the new oil and protecting it is the foundation of trust, resilience, and growth.
Key Takeaways
- Develop clear AI governance and risk management frameworks
- Implement security awareness and data protection policies
- Prioritize leadership involvement and accountability
- Invest in cyber resilience and professional consultation
- Recognize that cybersecurity is everyone’s responsibility
Want to learn more about integrating AI into your work environment? Check out our AI Adoption Roadmap
Curious to find out if your business credentials or data has been exposed online? Click here to request a Complimentary Dark Web Assessment
Check out our blog on Cyber threats and Cybersecurity