By Arjay L. Balinbin, Senior Reporter
INSURANCE, workforce education, enactment of more cybersecurity laws, and addressing obstacles to implementing the government’s existing policies are crucial for strengthening the Philippines’ defenses against cyberattacks, experts said.
“I would advocate for more local market support for cybersecurity insurance,” Ana Margarita “Miren” Sanchez, Philpacific Insurance Brokers & Managers, Inc. (Philinsure) vice-president for strategy and engagement, said at the BusinessWorld Insights virtual forum on Wednesday.
She noted that the trend of moving data to the cloud from the web is seen to accelerate over the next 12 years.
“We should expect whatever data we have online to be 12 times that in the next 12 years,” Ms. Sanchez said.
This means more exposure to cybercrime, cyberthreats, or cyber risks, she noted.
According to a recent study by online marketing firm Reboot Digital PR Services, the Philippines is the ninth “least cyber secure” in Asia, mainly due to a huge number of phishing and malware-hosting sites.
The average cost of losing our data globally is “$200,000 (or more than P11 million) per cyberattack regardless of company size,” Ms. Sanchez said, adding that small and medium enterprises (SMEs) are the most vulnerable entities.
Despite the need for insurance in response to cyberattacks, she said it has been challenging to secure such a product, noting there is no local market support for it.
Melchor T. Plabasan, director and head of the Technology Risk and Innovation Supervision Department of the Bangko Sentral ng Pilipinas, said the Philippines is still “evolving” in terms of cybersecurity.
“There are some pending legislation or measures right now, which can help address the known gaps in addressing cyberthreats,” he noted.
Francisco “Cocoy” Claravall, vice-president for Partner Ecosystem for Globe Business – Enterprise Group, said there is a need to “increase awareness and education about threat problems and how to protect ourselves.”
This also means that Philippine organizations, both private and public, need to train more cybersecurity professionals to keep up with the growing number of threats.
“In the Philippines, we’ve seen an average of 2,115 weekly attacks against companies and organizations, higher than the standard in Southeast Asia,” Mr. Claravall said.
He stressed that all stakeholders should prioritize countermeasures and identify where resources are needed to defend against sophisticated attacks.
Organizations also need to “deploy technology to continuously validate the legitimacy of digital interactions and establish rapid response capabilities to quickly address the early signs of a breach,” he added.
Allan S. Cabanlong, founder and chief executive officer of CyberGuardians, Inc., said the government already has cybersecurity awareness programs and a cybersecurity plan in place, but implementation is difficult.
“The main challenge now with the government is the implementation. All the plans and guidelines have already been laid out,” he said.
“The laws are there already, although there are some proposed measures that we also need. The question now is how these [policies] are implemented.”
He stressed that the approach to implementation should be “whole of society.”
“The government is expected to be able to change the mindset that cybersecurity should not be operated under the radar, but with strong participation of stakeholders.”