Blog | New realities of cybersecurity in PH: Welcome to the ‘20s

In the Philippines, just like any other nation in the Asean region, cybersecurity has been elevated from a mere operational consideration to become a critical issue that warrants international cooperation.

This year at the World Economic Forum, we even saw global business and political leaders at the highest levels make clear public commitments to greater openness, transparency, and collaboration in the fight against cybercrime.

Such efforts have been backed by emphatic legislation and government action in the Philippines over the past decade, notably the Cybercrime Prevention Act of 2012, which has brought many online fraudsters and hackers to justice, and the Data Privacy Act of 2012, which has since protected personal information at the highest level.

The National Bureau of Investigation has a dedicated cybercrime unit to quell such threats, while the National Privacy Commission performs its mandated role of spearheading data protection initiatives.

The Department of Information and Communications Technology (DICT) has likewise pushed the country’s National Cybersecurity Plan for 2022 that ensures the protection of the Philippines’ critical information infrastructures, the government’s public and military networks, SMEs and large enterprises, big corporations and supply chains, and practically every Filipino using the Internet.

The plan is part of the National Cybersecurity Strategy Framework that implements information security governance and risk management strategies. All of these measures would require the capacity and the capability for quick response and recovery, hence the establishment of the National Computer Emergency Response Team (NCERT).

In addition, the DICT partnered with private sector firms on a unified platform called the Cybersecurity Management System Project, a government-wide security operations center that would assist government agencies against cybersecurity breaches and attacks. It has since initiated 10 agencies into the program, including the Office of the President, Department of Finance, Department of Energy, Department of Foreign Affairs, National Security Council, Department of Budget and Management, Presidential Communications Operations Office, National Intelligence Coordinating Agency, Department of National Defense, and the DICT itself.

And what’s even more remarkable about the DICT’s efforts is its Cloud-First Policy, first issued in 2017, which requires government agencies to adopt cloud computing for government administration and service delivery. This is because cloud computing provides flexibility, data protection, and access to world-class solutions in an instant, including up-to-date cybersecurity.

While the Cloud-First Policy aims to reduce cost, increase productivity, and enhance online reach, it would also eliminate hardware and systems duplication and database fragmentation. Recent amendments in June would address and respond to the challenges of the “new normal” brought about by the Covid-19 pandemic, particularly in handling cybersecurity threats in a cloud-based environment.

These updated measures would provide clearer directions on policy coverage, data classification, and data security, especially in protecting sensitive and critical government data against breaches.

Even the Bangko Sentral ng Pilipinas is at the forefront of ensuring cybersecurity among banks: in 2017 it issued Circular 982, which lays down enhanced guidelines on information security management. Updated regulations instruct banks to report cyberattacks that affect financial services to authorities within two hours of first discovering the anomalies.

With the Philippine government stepping up its cybersecurity efforts, all Filipinos should also keep up with ever-evolving strains and attack modes. As such, the onus of securing the digital infrastructure can no longer lie solely with the IT team or the upper echelons of management but is now the responsibility of everyone in a company with access to a computer or smart device.

This reality has been made even more apparent by the unprecedented impact of Covid-19, which has catalysed a dramatic pivot towards telecommuting on a global scale. For the first time ever, as a result of the government-mandated enhanced community quarantine that forced citizens to stay at home, employees from all around the Philippines across major industries are logging on remotely to access company servers via their home Wi-Fi networks. This has pushed the Philippine digital infrastructure to the very limit – and inadvertently opened a multitude of new attack vectors for threat actors.

Just a few months into the new decade, we’ve already seen the rise of sophisticated attacks globally that exploit Covid-19 panic and social engineering, along with successful attacks on critical healthcare infrastructure and official communication channels.

In these challenging times, perhaps a new perspective is needed. Many Philippine-based companies in the past decade sought to bolster their cybersecurity posture through diversification in a bid to plug as many holes as possible. This meant investing in multiple best-of-breed point solutions, creating a broad and disparate ecosystem of defensive systems.

This way of approaching cybersecurity led to a chicken-and-egg-like challenge, where more security professionals were needed to support larger teams, which were then difficult to staff as a result of the all-too-familiar skills shortage.

But was this all necessary? Our own research conducted in recent years revealed that more organizations in the Philippines are realizing that tools and money don’t solve cybersecurity issues. With playing catch-up to attackers fast becoming the new norm, it has become abundantly clear that a reactive approach to cybersecurity will no longer be sufficient to protect businesses moving into 2020 and beyond. Here are four developments that will define how organizations prepare as we navigate the 2020s:

1. The mistakes of 4G may carry over to 5G

5G networks are at our doorstep, with major Filipino data and communications providers all announcing plans to unveil networks in the years ahead. With telecommuting looking increasingly likely to become the new normal for many industries after the virus storm has been weathered, the promised lightning speed, increased reliability and low latency of 5G will be welcomed by enterprises and employees alike.

Filipinos can see promise with impressive regional developments such as the deployment of 5G-enabled robots in Thailand to monitor and take care of Covid-19 patients and quarantine cases. The benefits of 5G are expected to be far-reaching. 

However, while this provides glimpses into the potential of 5G, we’re not quite there yet. 5G is built on the foundation of 4G, meaning that the same security threats that were present in the 4G network will likely be magnified further on 5G networks – now moving at an ever-growing pace and connected to even more devices. If existing security risks are not dealt with now and roll over into the 5G era, mobile internet service providers could be the first point of failure during a cyberattack, grinding critical services from healthcare to banking to a halt.

2. The Internet of Things will become a minefield

Filipinos are also looking at the prospect of an expected boom in the Internet of Things (IoT), in which there are billions of connected devices proliferating throughout networks across the world.

In Thailand, the adoption of Agri-IoT solutions is seen as a key driver of the country’s Thailand 4.0 vision, while smart city projects in Malaysia and Singapore are aimed at empowering millions of citizens through innovation and disruption.

However, if left unsecured, these connected devices provide multiple entrance points to corporate networks. Furthermore, the 2020s are likely to involve even greater use of sophisticated deepfake technology, which enables attackers to mimic biological identifiers, rendering multi-factor authentication and biometric identification significantly less effective.

In many organizations, unsecured IoT devices are already in place, creating a potential minefield of security ‘explosions’ that could go off at any time – particularly in healthcare IT environments where cyber hygiene, software patches and updates may be taking a backseat at the moment.

In the next decade, organizations will need to continuously retrofit and update IoT devices to remain secure, eventually adopting a “secure by design” approach with security built in from the start — measures for which are beginning to be taken.

Most recently, the Singapore government announced the rollout of its Cybersecurity Labelling Scheme in preparation for this step, with the aim of helping local businesses and consumers start the next decade on safer footing with more secure connected devices.

3. Embracing AI to get ahead

While the skills shortage feels real to many organizations — especially in the Philippines and the entire Asian region where the shortage is perceived to be particularly acute — the reality is that there is a mismatch between expectations and the actual needs of cybersecurity roles.

The industry could potentially train millions of cybersecurity professionals in the next decade and still not be able to solve the cybersecurity challenge, unless it fundamentally changes its understanding of what a cybersecurity professional actually is.

With attackers embracing automation and artificial intelligence (AI) to launch attacks, cybersecurity professionals also need to stay a step ahead by leveraging AI. AI-driven solutions will be able to detect and remediate anomalies in network behavior at phenomenal speeds well before any human cybersecurity expert could react.

As the use of the technology becomes more commonplace over the next few years, the role of the cybersecurity expert will experience a fundamental shift in skills. This does not necessarily change the need for cybersecurity professionals, nor the number of open positions, but it does mean that the human factor will be a completely different element in cybersecurity design.

With many businesses currently in ‘survival mode’ and coronavirus-themed attacks being one of the largest security threats they will face, organizations that aren’t already exploring AI-driven cybersecurity may find themselves at a disadvantage. Putting the right AI solutions in place can help mitigate the skills shortage and let smart, innovative, talented people focus their skills where they can have maximum impact.

4. Security will influence the next generation of tech products

A DevSecOps approach is one that integrates security processes and tools into the development lifecycle of new products. Baking security into products from the beginning is the only way forward given the uber-connectedness expected for networks in the 2020s, especially so with Asia’s soaring appetite for digital financial services and e-commerce.

The DevSecOps approach makes everyone responsible for security instead of assuming new apps and devices will be secured by the user once in their hands. Security will need to become the constant thread running through all phases of development.

It’s important to note that a 100-percent secure network is not practically achievable even in the next decade. Due to any number of factors, there are always likely to be gaps in an organization’s security posture. This could be because resources are limited, or because vulnerabilities exist in connected partner networks, or simply because cybercriminals find yet another new way to sneak past current defenses.

The most important thing for security professionals to remember is that security must be based around priorities, so it’s essential to understand what the organization’s crown jewels are and protect those effectively.

In this brave new world of cybersecurity, can the enterprise remain one step ahead of cybercriminals? Beyond these steps, the threat landscape will continue to evolve and have profound impacts on the way we design our security infrastructure. Just as we’re all making concerted efforts to step up our personal hygiene practices, and terms such as “social distancing” and “self-quarantine” have entered our daily vocabulary, so too must we maintain the same level of vigilance when it comes to our digital security moving forward.

The author is the country manager for the Philippines at Palo Alto Networks
