WHITE hats or ethical hackers can help create a digitally secure Philippines as their skills can address the country’s cybersecurity gaps, according to the convenors of ROOTCON, an annual hacking conference.
In an Oct. 7 press launch for this year’s ROOTCON, Digital Pilipinas convenor Amor L. Maclang shared an anecdote of a company that called its lawyer to sue a white hat who informed them of their system’s vulnerabilities.
“If a doctor tells you that you’re sick, are you going to sue that doctor?” she asked.
The term “hacker” may bring negative connotations, but “not all are bad. Some are bound by an ethical code,” added Dhonel P. Martinicio, universal content creator of GeiserMaclang Marketing Communications, Inc.
White hats, for instance, find flaws in a system so an organization can fix them and prevent others from exploiting these vulnerabilities for personal gain.
The country has to stay ahead of cybersecurity threats, with the local fintech scene growing steadily due to the central bank’s initiatives to boost online payments, the convenors said.
The Financial Action Task Force, a Paris-based ‘dirty money’ watchdog, said the Philippines is among those jurisdictions “with serious anti-money laundering/counter-financing of terrorism deficiencies [that] may expose the local financial system to significant risks.”
A full disclosure policy needs to be prioritized for the country to survive cybersecurity threats, said Dax “semprix” L. Labrador, ROOTCON founder. This involves the immediate publication of a vulnerability without any delay.
The tendency is for cybersecurity professionals to keep the vulnerabilities they find to themselves due to the fear of being sanctioned, Mr. Labrador noted.
“If full disclosure is available in our country, everything should follow,” he said. “Companies will secure their systems, and researchers will start reporting vulnerabilities.”
Apart from policy, culture is also an important part of the equation.
“The government should have qualitative measures [for measuring] its security posture ratings (or overall cybersecurity readiness),” said Jallain S. Manrique, KPMG Philippines head of technology consulting and cybersecurity. “How do you create a culture across all the agencies where everyone is conscious about security?”
Eman0n, a white hat hacker who has helped the likes of telecommunication firms like Comcast and Globe Telecom, Inc., encouraged leaders to connect with the 4,000-strong white hat community in the Philippines.
“Due to the move of traditional businesses to a more digital space… white hackers are now essential to have in your business or institution,” he said.
ROOTCON is supported by Digital Pilipinas – World FinTech Festival, a movement aimed at influencing change through technology and innovation.
ROOTCON 15 runs from Oct. 12-15, 2021. More details on the hybrid conference can be found at www.rootcon.org. The code RCXDIGIPINAS can be used for discounts. — Patricia B. Mirasol