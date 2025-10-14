GCash advocates for people-first approach to cybersecurity in BusinessWorld forum

Embracing digital transformation is not without risks. Beyond software firewalls, cybersecurity demands collective vigilance from executives to every employee. As cyber threats grow more sophisticated, digital resilience is achieved when employees are empowered to deal with these threats and even prevent them.

This was the message Miguel Geronilla, Chief Information Security Officer (CISO) of GCash, brought to the first leg of BusinessWorld’s Cybersecurity forum series.

By fostering awareness, encouraging accountability, and equipping employees with the right knowledge, businesses can cultivate a culture where security becomes second nature.

“Trust and security are top of mind for our leaders,” he said. “We’re serious about this.”

He added that commitment from top executives is central to sustaining robust security practices, positioning cybersecurity as a shared responsibility.

“We make sure it’s a top-down approach, but not authoritative. You have to champion work integration, make sure it’s part of their lives,” he added.

Furthermore, while advanced systems can provide critical defense, Mr. Geronilla underscored that security values have to be integrated within the everyday experience of workers, as they are the frontliners of defense.

“People just want to do their jobs,” he explained. “You don’t want cybersecurity to be so authoritative that it makes people not want to do it. It should be part of their life and what they do. We must be secure by default, and that means being able to do secure practices on our own. It’s not about the usual awareness, but embedding it into everyday practices.”

This, he argues, is where businesses can shift from imposing rules to enabling resilience. By advocating for a human-centric approach, the GCash CISO posed a challenge for organizations to reconsider how they present cybersecurity. That is, when protective measures are seamlessly embedded and aligned with employees’ daily work, they are more likely to engage.

He also believes that organizational success relies on workers with the right understanding of security. Recognizing that an attack can happen anytime, by empowering the workforce through education, defenses are strengthened.

For GCash—with Mr. Geronilla as their CISO—and other organizational leaders, the challenge in confronting cyber threats is not only in deploying advanced technology but also in encouraging a culture where security is lived to practice. He envisions cybersecurity that is comprehensive and forward-looking. This, he concludes, is how Philippine businesses can sustain both trust and competitiveness in the digital age.

