MORE senior executives in Philippine companies are now supporting cybersecurity and recognizing its business impact compared to five years ago, according to a cybersecurity expert from Google Cloud.

“Five years ago, there wasn’t a lot of support at the senior business levels, the C-suite levels, the board levels for cybersecurity, I think that’s changed now in the Philippines,” Steve Ledzian, chief technology officer for Asia-Pacific and Japan at Mandiant, now part of Google Cloud Security, told reporters on Wednesday.

Senior executives now understand that “cyber impact means business impact” and have taken an interest in resourcing it better, he said on the sidelines of the 8th Association of Southeast Asian Nations Chief Information Officer Forum.

However, he said, there is still room for these leaders to get a clearer picture of how cyber incidents happen and how they might impact business.

“[Firms can] take a red team exercise where you hire a friendly hacking firm to come in, not just if they can break in, but if they can get your crown jewels and come right up to the line of what would otherwise be a business impact,” Mr. Ledzian said.

He said companies such as Mandiant can deliver these red team exercises. The “red team” uses nondestructive methods to accomplish a set of jointly agreed upon mission objectives, between the customer and red team provider, simulating an attack.

Mr. Ledzian also recommended conducting a compromise assessment.

He said that a compromise assessment helps determine if there is an undetected attacker in the network, noting that digital attacks are often invisible and can go unnoticed for many months.

“We need to provide shared information. What happens in one country may happen in another,” Cybercrime Investigation and Coordinating Center Executive Director Alexander K. Ramos said at the forum.

Kitti Kosavisutte, chairman at TB-CERT, the Thailand banking sector computer emergency response team, said this information can be used to protect organizations but highlighted that security incident information is sensitive to organizations.

“When we share information, it may impact the reputation of others. We need to create a mechanism that allows members to share information without impacting other organizations,” he said. — Aubrey Rose A. Inosante