REUTERS

By Aubrey Rose A. Inosante

CYBERSECURITY funding is expected to increase in the Philippines next year following threats and attacks faced by various organizations, analysts said.

“We can expect that next year, the funding will be higher, especially now that the national cybersecurity plan (NCSP) has been signed because it is considered to be a concern,” e-commerce advocate Janette Torral said in a phone interview on Thursday.

President Ferdinand R. Marcos, Jr. had issued Executive Order No. 58 to adopt the Department of Information and Communications Technology’s (DICT) NCSP for 2023 to 2028, aiming to improve the country’s cybersecurity front.

A recent survey conducted by PUBLiCUS Asia, Inc. showed that approximately 87% of Filipinos strongly support strengthening cybersecurity measures and protecting data privacy, especially in light of security breaches affecting Philippine government network systems.

In recent days, government agency web servers, including those of the Department of Science and Technology and the Bureau of Customs, have experienced cyberattacks. Notable incidents include attacks on state-run Philippine Health Insurance Corp. in late last year and early this year.

“We need to set up civil service positions in cybersecurity, (because) currently the government has no cybersecurity position,” DICT Assistant Secretary for Cybersecurity and Upskilling Jeffrey Ian C. Dy said in a phone message.

He noted that there is also a need for an information communication academy and a cybersecurity center.

For 2024, the government has earmarked P9.9 billion for the DICT to advance digitalization efforts. Of this, P72.3 million is allocated for network detection and response, P48.2 million for security operations software for the National Security Operations Center (NSOC), and P79.7 million and P19.8 million for advanced antivirus systems to support round-the-clock staff monitoring of the NSOC.

“We are encouraging the government to issue cyber insurance so that they are not trapped in their procurement process,” Ms. Torral said.

She said that some agencies’ software subscriptions to flag attacks have expired, leaving their data unprotected. In times of compromise, agencies can easily reach out to experts and purchase necessary security solution products.

A study conducted by Frost & Sullivan in 2028, commissioned by technology company Microsoft, showed that cybersecurity incidents could result in a significant economic loss of $3.5 billion in the Philippines. This amount accounts for 1.1 percent of the country’s total gross domestic product, which is $305 billion.

For his part, Digital Pinoys national campaigner Ronald B. Gustilo stressed that the government should allocate more funds for tools and increase the wages of government cybersecurity experts.

“The government should ensure that information technology and cybersecurity employees have the security of tenure so that they will not be easily enticed by private entities,” he said in a viber message.

Last year, DICT Secretary Ivan John E. Uy said that due to low wages, only about 24 personnel manage the cybersecurity department.

He noted that while cybersecurity experts in the private sector earn an average of P200,000, the department can only offer a salary of P50,000.

The Asia-Pacific (APAC) region is expected to increase security solution spending by 12.3% in response to the growing number of cyberattacks, as per the International Data Corp. (IDC).

IDC forecasts that spending on security hardware, services, and software in APAC, excluding Japan, will reach $36 billion in 2024 and rise to $52 billion by 2027.

China leads regional security investments with a 40% share of total spending, while Australia and India collectively contribute 25%.

The finance services, government, and telecommunication sectors are projected to account for 50% of total security spending in the region, according to IDC’s latest Worldwide Semiannual Security Spending Guide.

“The surge in cyber threats utilizing artificial intelligence (AI), such as deepfakes, pretexting, and identity theft, has spurred a heightened demand for comprehensive security solutions in the region that encompass threat detection, automated remediation, and behavioral analysis capabilities,” IDC Asia/Pacific Market Analyst at IT Spending Guides Sharad Kotag said in a statement.

Mr. Gustilo said AI-related cyber threats are on the rise and they target prominent figures such as government officials, celebrities, and media personalities to create deepfake videos promoting products.

“We fear that with the upcoming midterm elections this 2025, AI-generated videos might be used for electoral propaganda purposes. This is a matter that the government and the public need to prepare for,” he said.