The Department of Information and Communications Technology (DICT) launched on Thursday, Dec. 8, a six-year national cybersecurity strategy that seeks to ensure the protection of critical infrastructure from cyber attacks through effective coordination with law enforcement agencies.
The initiative known as the National Cybersecurity Plan 2022 was crafted by the Cybercrime and Cybercrime Investigation and Coordination Center (CICC), an attached agency of the DICT headed by its executive director and concurrent assistant secretary Allan Cabanlong.
The framework aims to assure the continuous operation of the country?s critical ?infostructures? as well public and military networks. It also seeks to implement cyber resiliency measures to enhance the ability to respond to threats before, during, and after cyber attacks and to implement a public awareness campaign on cybersecurity measures.
The cybersecurity plan is eyeing to institutionalize the adoption and implementation of Information Security Governance and Risk Management approaches based on globally recognized standards.
It also aims to establish the National Computer Emergency Response Team (NCERT) to build the capability and capacity of the government for quick response and recovery during hacking incidents and other cyber-attacks.
“We are specifically mandated to protect consumers and uphold their right for a free and open Internet,” DICT sec. Rodolfo Salalima said in a press briefing at the Crowne Plaza Hotel in Pasig City.
He said the ICT department asked for the assistance of the Malaysian government to share its expertise on forming a coherent and well-developed cyber security plan.
For his part, Cabanlong said that international cooperation is vital in deterring cyber-crime incidents.
“A capability building program of international standard must be set in place in accordance to the demands of digital forensics, network analytics and defense conceptualization, among others,” he said.
“Included in the cooperation are detection and mitigation approaches, frameworks for coordination of international originators of attacks, and co-design of stakeholder engagement strategies.”
Under the cybersecurity governance framework, the DICT will be in charge of coordinating national protection, prevention and mitigation and recovery from cyber incidents, dissemination of domestic cyber threat and vulnerability analysis, security of government and civilian infostructure and investigation of cybercrimes under its jurisdiction.
The Department of Justice (DOJ), Philippine National Police (PNP) and the National Bureau of Investigation (NBI) will be the lead agencies for the investigation and prosecution of cybercrimes, as well as the enforcement of cybersecurity laws.
The Department of National Defense (DND), meanwhile, will be in charge of defending the country from cyber-attacks, intelligence gathering of foreign cyber threats, securing national security and military systems, and investigation of cybercrimes under military jurisdiction.
The CICC, on the other hand, is mandated to establish cybersecurity measures that would guard the country against cyberthreats.
It is expected to enforce, evaluate, and constantly monitor the cybersecurity policies through regular assessment and compliance activities, conduct of annual cyber drills and exercises and cybersecurity education and awareness program.
“Rest assured that the DICT is in the frontline of cybersecurity protection for the Filipino people,” Salalima said. — Aerol B. Patena, PNA