More than five hundred people from different organizations, the private sector, and the government witnessed and participated in the last part of the webinar series organized by MyBusybee, Inc., “Coping with the Accelerated Digitalization: Empowering Organizations with Digital Tools,” together with the event’s panelists from different fields of expertise, answering the question, “Is the internet a safe place to migrate our business into?”
The pandemic presents an opportunity for full-blown innovation. However, basic awareness and education regarding cyber risks are required to help protect our businesses and organizations from experiencing potential difficulties that could result from a cyber scam or attack.
Presenting their take on cybersecurity were guest speakers Dr. Thelma Villamorel from the Department of Information and Communications Technology (DICT), Ireneus Laszlo Legeza from Busybee’s CyberSecurity Division, and Janssen Esguerra from the National Privacy Commission (NPC) — discussing the impact of COVID-19 on cyber risk and the mitigation measures that businesses and professionals can take.
During her presentation with the topic, “Cybersecurity in the Philippines: How ready are we for digitalization?,” Dr. Villamorel outlined four main talking points — Cyberthreat Landscape, NCSP 2022 Cybersecurity Framework, CERT-PH Organizational Structure, and DICT Cybersecurity Bureau Initiatives, explaining that many of the industries which are transforming serve critical functions and as digital spreads its roots deeper, it also increases the risk and impact of cyberattacks on these institutions. She said, “The question is not if you are going to be a victim, but when are you going to be a victim?” and highlighted the top cyber-attacks that anybody can experience today through attacks on banks, ransomware, data hacks, phishing, and social engineering to name a few. On the bright side, Dr. Villamorel said the effects of these attacks can be mitigated when there is awareness. She emphasized on the truth that, “Data is more valuable than oil and is the most expensive asset in the world.” She then challenged everyone to be responsible in securing cyberspace by becoming more aware and educated about the dangers and risks of the internet.
Mr. Legeza presented the topic, “Strategic Cybersecurity Development for Organizations,” summarizing the different approaches that are necessary for cybersecurity. He noted that the issue on cybersecurity is not something as optional as in the past but has now become a necessity. Because of the increasing frequency and potential severity of attempted cyberattacks, organizations are increasingly recognizing the need for a robust strategy to address the challenges posed by cybersecurity threats. He said that, “Anything digital is hackable, anything mathematical is hackable” and there is no such thing as one hundred percent safe. He then shared Cybersecurity Strategy and Plan template (which was made available for download) to help organizations redefine strategies, undertake organizational change and workforce upskilling at scale, and manage increased digital, data, and cybersecurity risks.
Mr. Esguerra shared some valuable tips on how to secure our information online and significant points of the Data Privacy Act in his presentation. Businesses and institutions need to ensure that they have the right security solutions in place to ensure they are able to keep their data and infrastructure safe. One of the highlights from the presentation was on the importance of innovation through regulatory sandboxes that can help shape better policies and technologies for consumers and roll out the necessary interventions to eradicate the threat and recover. He concluded with a highly-commendable message from the National Privacy Commissioner himself, Raymund Liboro, “The NPC supports the successful use of digital technologies and the processing of personal data… in a manner that is effective, and preserves and protects the data privacy rights of individuals,” showing that privacy is the utmost priority because it’s the key for enabling technologies and protecting rights. At the panel discussion, Mr. Esguerra explained that whenever there is a security incident or a sensitive public information is breached or acquired by an unauthorized person, the NPC will conduct a thorough investigation to assess and evaluate the incident, restore integrity to the information and communications system, mitigate and remedy any resulting damage, and comply with reporting requirements.
There are many ways to reduce the likelihood and impact of a cyberattack, but it requires focused action and planning. Companies who are already educated about cybersecurity will be better prepared to face the continuous increase of cyber threats. Busybee believes that education plays an important role in pushing the development of the country’s cybersecurity capability. Moreover, the company believes there should also be a strong collaboration between the public and private and government sectors to ensure better knowledge-sharing across the board. We must all cooperate with the goal to enhance the current setup of security architecture and work together for the development and application of security measures among the businesses and organizations to ensure collective resilience.