(From L-R) News5 Anchor Jester G. Delos Santos (moderator and host); Marlon Cruz of Globe Business; Miguel Geronilla of GCash; Raymond Reglos of ISACA Manila Chapter; Renne Barcelona of IBM Consulting Philippines; and Catherine Ann Paleracio of Tonik during the first panel discussion of the BusinessWorld Insights forum held last June — Photos by Arjale Jayrie G. Queral and Jayson John D. Mariñas

Recent BusinessWorld Insights looks through best practices for safeguarding businesses in the digital space

By Mhicole A. Moral, Special Features and Content Writer 

As organizations increasingly rely on digital infrastructure, the threat landscape continues to expand, demanding proactive and adaptive strategies to safeguard sensitive data and critical systems.

According to a report published by IT Governance, a total of 35,900,145,035 known records have been breached in 9,478 publicly disclosed incidents worldwide as of May 2024. Another report by the International Monetary Fund (IMF) found that the risk of extreme losses from cyber incidents has more than quadrupled since 2017, reaching $2.5 billion. These incidents can undermine trust in the financial system, disrupt critical services, and cause spillover effects to other institutions, posing serious concerns for financial stability.

Ransomware attacks, for instance, have doubled each year since 2019, according to McKinsey & Company. During the early months of the COVID-19 pandemic, ransomware attacks spiked by 148%, while phishing incidents increased by 510%.

Artificial intelligence (AI)-driven attacks are also adapting and evolving, making traditional cybersecurity measures less effective. A 2023 report from McKinsey highlights that 53% of organizations acknowledge AI-related cybersecurity risks, yet only 38% are actively working to mitigate these threats​.

Experts have noted that businesses and individuals must stay vigilant and proactively address the evolving cyber threats to protect their assets, maintain trust, and safeguard the broader economic and financial system during the BusinessWorld Insights forum, with a theme “Ensuring Business Growth through Cybersecurity,” last June 25 at Dusit Thani Manila.

Securing the future of cybersecurity in the country

In his keynote address, Department of Information and Communications Technology (DICT) Assistant Secretary Renato “Aboy” A. Paraiso said that the Philippines has been active in strengthening the country’s capability to secure transactions in cyberspace, stating the importance of the implementation of the National Cybersecurity Act, the implementation of minimum standards, and capacity building initiatives.

“Through Executive Order Number 58, Series of 2024, the National Cybersecurity Plan of 2023 to 2028 was adopted as the whole-of-nation approach the blueprint for bolstering the national cybersecurity defenses,” he mentioned. “The DICT provides the frontline services including the National Security Operations Center or the NSOC. The NSOC operates around the clock to detect and respond to incidents which the dedicated analysts working on a 24/7 shifting schedule, monitoring the assets of all connected agencies and departments.”

According to the Assistant Secretary, NSOC has been proactive in detecting and resolving cybersecurity incidents in the Philippines. To date, the center has handled 3,925 incidents, successfully mitigating and closing 3,210 of these cases, which equates to an 82% resolution rate. Most of these incidents involved breaches within government agencies and local government units (LGUs), with an average resolution time of 30 days.

In December 2023, the DICT launched Project SONAR, an initiative aimed at securing online networks through comprehensive assessment and response mechanisms. According to Mr. Paraiso, Project SONAR performs monthly scans to flag and hunt down vulnerabilities, detecting exposures and misconfigurations in publicly accessible government websites and web applications.

Department of Information and Communications Technology (DICT) Assistant Secretary Renato “Aboy” A. Paraiso delivered the keynote address during the BusinessWorld Insights forum last June at Dusit Thani Manila.

“The NCSP (National Cybersecurity Plan) vision is [to create] a trusted, secure, [and] reliable cyberspace for every Filipino.” Mr. Paraiso said. “[It] focuses on three outcomes: First, proactive protection and security for the state and its people in cyberspace. Second, increasing cybersecurity workforce capabilities. Third, strengthening the cybersecurity policy framework.”

The first outcome emphasizes the protection of the state and its citizens in cyberspace. The plan includes the development of a secure government network infrastructure and the reorganization of the cybersecurity bureau. These measures are aimed to ensure proper threat monitoring and response, particularly within government institutions.

Mr. Paraiso added that the second outcome focuses on training and capacitating the workforce, aiming to ensure the public and private sectors have an adequate number of skilled cybersecurity professionals.

“I think the most important part of the vision that we are currently undertaking in the implementation of the National Cybersecurity Plan is the upscaling of our workforce,” he emphasized. “There is a great disparity between the salaries of those in government and in the private sector. So, once we train our workforce in the government, most of the time they leave because of the opportunities outside. So, it’s important for us not only to upskill but also have that capacity [to retain] the workforce.”

The third outcome aims to solidify the cybersecurity policy framework. The DICT, as mentioned by Mr. Paraiso, is committed to ensuring the effective implementation of existing laws, rules, and regulations related to cybercrime and cybersecurity. A key component of this outcome is the proposed Cybersecurity Act.

The Cybersecurity Act, currently pending before Congress, highlights the role of communication and information in nation-building. It emphasizes the protection of life, liberty, and property, and the promotion of general welfare. The bill aims to combat cybersecurity offenses through detection, investigation, prosecution, and international cooperation.

“Hopefully, it gets passed as part of the framework of the National Cybersecurity Plan. This act entails that we should adopt the just measures to improve our cybersecurity, not only posturing, but our cybersecurity capabilities as well.”

Enhancing cybersecurity for businesses

Industry leaders emphasized the importance of emerging technologies and strategies in enhancing cybersecurity, highlighting the evolving nature of threats and the need for proactive defenses.

Marlon Cruz, director for Business Development at Globe Business, said that the shift towards hybrid work models, accelerated by the pandemic, introduced new vulnerabilities that necessitates a comprehensive inspection of all network traffic.

“Everything inside the perimeter used to be trusted. We only inspected the north and south traffic. But with today’s business evolution, adopting software as a service (SaaS) and moving towards cloud infrastructure, we cannot trust what’s inside anymore. We must inspect east and west traffic, too,” he said during the forum’s first panel discussion.

As a key player in the digital financial sector, GCash emphasized trust and security as fundamental components of their mission.

“GCash is in the business of financial inclusion and financial health improvement,” said GCash Chief Information and Security Officer Miguel Geronilla. “That, itself, is a noble task, but we’re also in the business of trust and security because you wouldn’t pour your money into an [application] or a financial institution where it’s not safe and secure.”

Similarly, an official from Tonik Digital Bank, Inc. shared that there is a growing number of cyberattacks targeting businesses, especially financial institutions.

“We need to assess what we can do more, and what areas to look into, which entails looking at emerging technologies. Even cyber attackers are using advanced methods to execute their attacks. AI, for instance, may be beneficial to companies, especially if it’s aligned with their business needs and models,” said Catherine Ann Paleracio, chief information security officer (CISO) of Tonik.

IBM Consulting Philippines Cybersecurity Leader Renne Barcelona also emphasized that cybersecurity should be considered integral to economic stability and growth.

“Our country’s water supply, electrical grid, and even payroll systems for private corporations are all vulnerable. A prolonged attack on any of these could paralyze operations and lead to severe economic consequences,” he explained. “Consider the impact of losing electrical supply for seven days or the grounding of all international flights due to a cyberattack. These scenarios underline the necessity of robust cybersecurity measures. The potential for disruption makes cybersecurity a key enabler of business continuity and economic stability.”

Meanwhile, a representative from ISACA, a nonprofit global organization dedicated to the development, adoption, and use of globally accepted information security standards and practices, stressed the need for businesses to protect their digital infrastructures as they integrate technology into their operations.

“Technology is not just an enabler of business nowadays; it is already an integral part of it. Our operations are increasingly intertwined with application systems that provide competitive advantage to our organization. The data and information out of these systems give us those insights that are needed for intelligent business decision making,” mentioned Raymond Reglos, president of ISACA Manila Chapter.

“But aside from us,” he added, “the malicious actors also wanted the same information. Therefore, the need to protect our data or infrastructure or application systems. Also, data privacy has never been more urgent.”

Moreover, cyber threats have evolved from isolated incidents to a sophisticated ecosystem of cyber criminals.

“Gone are the days that hackers deface websites for fun. Today, it’s about gaining something tangible,” Mr. Reglos highlighted.

To effectively counter these increasing threats, businesses must harness emerging advanced technologies and improve their digital literacy.

For its part, Globe Business has been proactive in building robust cybersecurity measures. “We started our Cybersecurity Initiative Blueprint in 2014, built our infrastructure in 2015, and operationalized our Security Operations Center (SOC) in 2016,” said Mr. Cruz.

By 2018, Globe had centralized its SOC, extending its capabilities to the Globe Group and Ayala Corp. He also mentioned that the continuous optimization efforts of the company are supporting Globe’s transition from a telco company to a ‘TechCo’ company.

“We’re automating our processes to create cybersecurity policies effectively. As we evolve from a telco to a tech company, we aim to improve our awareness and build a culture of cybersecurity,” Mr. Cruz stated.

Globe Business also aims to help enterprise clients understand their cybersecurity maturity. As the Globe Business Director mentioned, “We assess whether clients are reactive, proactive, or adaptive in their cybersecurity strategies. There’s no foolproof solution, but as clients mature in their cybersecurity practices, they become more resilient.”

Ms. Paleracio of Tonik highlighted the capability of artificial intelligence to process vast amounts of data and automate tasks critical for security analysts.

“AI will be a powerful tool moving forward. because of its capability to process large [amounts] of data and automate things that are helpful to security analysts. But just like any security tool, we need to customize it based on the needs of the organization,” she added.

The Tonik executive also emphasized the critical issue of manpower shortages in cybersecurity, stressing the importance of continuity through effective succession planning. This approach ensures that there are skilled professionals ready to step into key roles, mitigating the impact of staffing challenges on cybersecurity operations.

Meanwhile, IBM’s Mr. Barcelona reiterated the fundamental objectives of cybersecurity: Confidentiality, Integrity, and Availability (CIA).

“One of the primary goals of cybersecurity is to ensure that there will be zero data breach incidents happening every day, because a breach incident will result in business downtime or business disruption,” he said.

Mr. Geronilla of GCash added that since cybersecurity is a shared responsibility, businesses must educate consumers alongside including them in digital space, which the fintech company does by educating them in managing their digital finances. He also emphasized the importance of integrating cybersecurity into the core of business strategy, ensuring that cybersecurity measures align with business objectives and safeguard against evolving threats.

Supporting this statement, Mr. Reglos said, “As we embrace innovation, we must also cultivate a culture of continuous learning, awareness and adaptation, ensuring that we are only not prepared for the challenges of the day, but also equipped to tackle the uncertainties of tomorrow.”

“The key to security is embedded in the word itself: ‘you are it.’ Security is everyone’s responsibility. It’s everyone’s task to secure our data infrastructure,” he added.

Safeguarding digital infrastructure through policies

(From L-R) BusinessWorld Multimedia Producer Patricia B. Mirasol (moderator and host); Atty. Aubin Arn Nieva of the National Privacy Commission; DICT Assistant Secretary Renato “Aboy” A. Paraiso; and Alex Bernardino of ePLDT and PLDT Enterprise during the second panel discussion of the BusinessWorld Insights forum held last June

Stakeholders can collaboratively mitigate cyber threats and safeguard the nation’s digital future, supported by proactive policies and public-private partnerships.

According to National Privacy Commission (NPC) Director of Data Security and Compliance Office, Atty. Aubin Arn Nieva cybersecurity efforts must begin with a strong foundation of digital citizenship.

“Strengthening cybersecurity cultivating it from the roots. It does not begin with the intricate software and hardware that we employ in the organization. It begins with the individual. Cybersecurity begins with the person accessing cyberspace,” he said during the second panel discussion of the forum.

At an organizational level, the NPC director stressed the importance of strong corporate governance as the foundation for effective data management and cybersecurity practices. For instance, a robust governance framework not only ensures compliance with regulatory requirements but also fosters a proactive approach to cybersecurity. This includes implementing dynamic policies that adapt to evolving threats and technologies, thereby safeguarding sensitive data and minimizing vulnerabilities.

Alex Bernardino, field CISO and head of Enterprise Consulting Practice of ePLDT and PLDT Enterprise, noted that the growth of the cybersecurity industry has largely been driven by the increasing sophistication of cyber adversaries who view cybercrime as a lucrative business.

Acknowledging this, he emphasized the importance of existing legislative frameworks such as the Cybercrime Prevention Act of 2012 and the Data Privacy Act. However, he mentioned that the effective implementation and strict enforcement of these laws are crucial to combat cyber threats effectively.

“The implementation should be in higher on hand. We have to pursue. We have to implement [the law] in a strictest, and penalize the offenders and the violators. I think that’s the missing portion now,” he added.

At ePLDT, a proactive approach to cybersecurity involves rigorous adherence to privacy standards. Every project, both internal and external, undergoes a Privacy Impact Assessment (PIA) to ensure the security of customer data and internal information.

Beyond technological measures, Mr. Bernardino emphasized the importance of community awareness and education in cybersecurity.

“The sad reality here is that cybersecurity is affecting our daily lives. So, we need to really tackle this seriously in the national level, and also in the private sector. A close collaboration is really a need right now to be able for us to protect the Philippine cyberspace.”

The discussion also highlighted the role of legislation in fostering a secure digital ecosystem, essential for attracting foreign investments and ensuring data protection. Key enactments, such as the Cybersecurity Act of 2012 and the Data Privacy Act of 2012, address regulatory gaps and aim to instill confidence among investors.

Despite these advancements, challenges persist, particularly in rural areas where technological infrastructure remains limited. According to Atty. Nieva, disparities between urban and rural connectivity, with varying levels of mobile network technology (2G, 4G, and 5G), pose unique cybersecurity challenges.

“When 5G was introduced to us years ago, there was an increase of cyberattacks because the latency was decreased. Because the data, the transference of data, was more readily available. And so, these cyber criminals are able to exploit it,” he added.

According to DICT’s Mr. Paraiso, the Philippines has a unique environment in addressing cybersecurity policy since the government actively seeks input from industry stakeholders.

Dialogues with private sector representatives help shape legislative initiatives. These interactions inform policymakers about the specific challenges faced by businesses, which are then conveyed to legislative bodies like Congress and the DICT.

Meanwhile, PLDT Group, as one of the largest telecommunications providers in the Philippines, operates under the recognition that any breach affecting their network could have far-reaching consequences for the entire nation. Acknowledging this responsibility, Mr. Bernardino said that the company has implemented rigorous cybersecurity practices to mitigate risks and ensure uninterrupted service delivery.

The PLDT official also emphasizes the importance of cyber awareness among its stakeholders, working closely with the DICT to educate the public and enhance cybersecurity literacy.

PLDT’s cybersecurity strategy focuses on collaborating with key government bodies like the DICT and NPC. According to Mr. Bernardino, PLDT actively participates in the Public Sector Advisory Council, providing advice on cybersecurity and digital transformation initiatives essential for the country’s development.

Moreover, in cases of cyber incidents involving their customers, PLDT cooperates closely with the NPC to swiftly address and resolve issues while upholding data privacy regulations.

Mr. Bernardino also stresses the necessity of due process in handling sensitive data. They adhere strictly to legal requirements, requiring court orders before disclosing customer information to law enforcement agencies.

According to Atty. Nieva of NPC, many users lack sufficient understanding of the risks associated with online activities.

“Common people don’t know what they are doing when they get online. They cannot see data; they cannot understand data, and that’s why they are neglectful in handling it online,” he said.

This gap in awareness poses significant challenges as it exposes individuals and organizations to various cyber threats.

“The government has a responsibility to protect the people, even if the people don’t know what they are doing. That’s why we are heavy in the National Privacy Commission, focusing our efforts on data protection in the countryside.”

Meanwhile, Mr. Paraiso mentioned that policies should not only be robust but also agile enough to respond to emerging threats, especially since the pace of technological advancement has outstripped the ability of regulatory frameworks to keep up.

“It’s really hard, a law has been passed, there is a new challenge. We’re still debating, but it’s over because the challenge has already shifted,” he explained. “Whatever laws we craft and whatever policies we adopt should be adaptive, they should be flexible.”

Similarly, Mr. Bernardino of PLDT emphasized the inevitability of data breaches nowadays and urgent need for proactive measures and resilient policies.

“In cybersecurity, it’s no longer a matter if you’re going to be breached or how you’re going to be breached. It’s only a matter of when. Now, I want to highlight that because organizations should be ready to respond when that happens,” he explained.

“We should be talking about how we can respond as a government agency, as a private institution. We should have learnings here. The learnings we gather should be part of our best practices as an organization and as a government agency, combined with knowledge and experience.” Mr. Bernardino said in Filipino.

Amidst challenges, Atty. Nieva mentioned that while technological advancements benefit society, policymakers must ensure that regulatory frameworks adequately protect personal data.

“These emerging technologies are good for the people, but we have to balance the free flow of information with the inherent right of the people to privacy,” he stated.

In closing, Mr. Paraiso reassured the public of the government’s commitment to cybersecurity.

“I’d like to assure the public right now to trust government. We have a working function at the DICT. That way, we are very, very confident.”

“In a whole-of-nation approach, the public sector and the private sector would collaborate on how to solve [cybersecurity] problems and adapt together to solve these problems,” he added.

This BusinessWorld Insights was in partnership with GCash and Globe Business; and is sponsored by Huawei, ePLDT, PLDT, and PLDT Enterprise; with the support of the Asian Consulting Group, American Chamber of Commerce of the Philippines, British Chamber of Commerce of the Philippines, Bank Marketing Association of the Philippines, Management Association of the Philippines, Philippine Chamber of Commerce and Industry, Philippine Franchise Association, Philippine Retailers Association, and official media partner The Philippine STAR.