The Trinidad and Tobago Cyber Security Agency Bill, 2015

The Trinidad and Tobago Cyber Security Agency Bill, 2015 was introduced as the same time as the Cybercrime Bill 2015 by the Minister of National Security Brigadier General Carlton Alfonso on May 1 2015.

It seeks to establish a the Trinidad and Tobago Cyber Security Agency (TTCSA) to act as a national point of contact for all cyber security related concerns and other related matters. The functions of the TTCSA are to:

(a) act as the national point of contact for all cyber security related matters;

(b) establish a national computer incident response team to be known as the “Trinidad and Tobago Cyber Security Incident Response Team” (hereinafter referred to as “TT-CSIRT”);

(c) refer matters to the police, where evidence of an offence under the  Cybercrime Act, 2015 comes to its knowledge;

(d) prepare, review and update periodically and in any event at least annually, a national cyber security strategy and prepare such plans as are necessary for the successful implementation of such strategy;

(e) collaborate with the relevant public body in the collection of relevant information which would facilitate the analysis of current and emerging risks, including those risks which could produce an impact on the resilience and availability of data communications networks and on the authenticity, integrity
and confidentiality of the information accessed and transmitted through such
networks;

(f) provide advice on cyber security related matters, including situational awareness information, to the Minister, the Trinidad and Tobago Police Service or such other competent national bodies as are necessary;

(g) enhance cooperation between different actors operating in the field of cybersecurity by holding consultations with, interalia, various industries, universities, public sector bodies and private sector and civil society bodies;

(h) contribute to the awareness raising, and the availability of, current, objective and comprehensive information on cybersecurity by, inter alia, promoting exchanges of current best practices, including methods of alerting users and facilitating cooperation and collaboration between public and private sector initiatives.

(i) develop and publish standards for products and services on cyber security;

(j) establish and publish baseline cyber security requirements and standards for
various sectors including operators of critical infrastructures;
(k) conduct research and development in the area of cyber security and identify critical research and development needs, gaps and emerging trends for future research;

(l) promote the development of training and education programmes including the accreditation and certification of cyber security academic programmes;

(m) advise the Minister on research in the area of cyber security as well as on the effective use and adoption of risk preventative technologies;

(n) promote risk assessment activities, interoperable risk management solutions and studies on cyber security management solutions within public and private sector bodies;

(o) collaborate with the relevant public body in the provision of educational guidelines to the national community, as to the appropriate use of the national network infrastructure;

(p) establish internal and joint procedures between the public and private sectors  to manage the incidents and mitigate the threats associated with them;

(q) provide appropriate strategic insights to policy and decision-makers and public bodies in order to strengthen the national network infrastructure;

(r) develop a National Cyber Security Contingency Plan;

(s) coordinate cyber security exercises; and

(t) express independently its own conclusions and orientations and give advice on matters within its scope and objectives.

The Bill lapsed with the end of the Parliamentary session on June 17 2015.