PH intel fusion center eyed to boost cybersecurity —DICT

The Department of Information and Communications Technology (DICT) outlined its strategies to secure the Philippines’ cybersecurity landscape under the National CyberSecurity Plan (NCSP) 2023-2028.

The plan aims to establish a trusted, secure, and reliable cyberspace for every Filipino, according to DICT Critical Infrastructure Evaluation and Cybersecurity Standards Division officer-in-charge George Tardio during his discussion at the 2024 BaLinkBayan Stakeholders Conference on Wednesday,

“We have to have [all] particular issues solved or focused bago pa mahuli ang lahat… It’s really evolving, it changes every second pag nagiimbestiga po kami. Hindi sila nasasatisfy,” said Tardio.

(We have to have [all] particular issues solved or focused before it’s too late… It’s really evolving, it changes every second when we investigate. They are not satisfied)

The DICT has prepared three ideal outcomes that would result in a more secure Philippine Cyber Landscape.

NCSP outcomes

The first outcome focused on protecting the Philippine cyberspace by enhancing and strengthening the government’s network and organizing response teams, database and detection protocols in case of cyber-attacks.

“Kung halimbawa nagkaroon ng major incidents, pinupuntahan natin and we are working 24/7… Sa ngayon, limited ang manpower [and] that’s why nakita namin na talagang ito ay kailangan i-strengthen,” said Tardio.

(If there were major incidents, for example, we would go there and we are working 24/7… As of now, the manpower is limited [and] that’s why we can see that it is what we really need to strengthen)

DICT also aims to establish a national network of Computer Emergency Response Teams (CERTs) and a National Cybersecurity Intelligence Fusion Center to oversee all sectors of the country, including private sectors and defense sectors.

“What is missing right now is that when we detect particular threats, di po expertise ng DICT to determine whether this particular threat ay may national security concern. Ang trabaho po ng Fusion Center na to is tignan po yun such that kapag nalaman, the DICT will now start uncovering all the artefacts as a result of the initial investigation sa threats na yun,” Tardio shared.

(What is missing right now is that when we detect particular threats, it is not the expertise of the DICT to determine whether this particular threat has a national security concern. The work of the Fusion Center will be to look into it as such that if it is found, the DICT will now start uncovering all the artefacts as a result of the initial investigation on those threats)

Under Outcome 1, DICT also intends to adopt a six-stage incident response model for cybersecurity incidents —Identify, Contain, Analyze, Eradicate, Recover, and Lesson Learned.

“Gusto lang natin iisa ang tinitignan… Iisa yung bible, iisa ang reference na tinitignan in terms of cyber-incident response handling or investigation,” he continued.

(We only want to look at one thing… There would only be one bible, one reference to look at in terms of cyber-incident response handling or investigation)

Under Outcome 2, the DICT said that they aimed to increase the capabilities of the cybersecurity workforce in the Philippines.

Such efforts included the establishment of an ICT Academy to create a Cybersecurity Center of Excellence and revising the index of cybersecurity-related occupations.

The declaration of October as CyberSecurity Awareness Month under Proclamation No. 353 in 2023 also falls under this outcome.

Outcome 3 outlines efforts to strengthen the cybersecurity policy framework in the country.

The NCSP 2023-2028 Strategic Framework Outlines the National Cybersecurity Inter-Agency Committee (NCIAC), which acts as the “convergence point for implementing cybersecurity policies and strategies.”

The NCIAC lists Policy and Technological Control, National Security, Cybercrime, and Socio-Economic Prosperity as key policy areas where cybersecurity is needed.

DICT also seeks for an executive order to protect Critical Information Infrastructure to protect data according to certain criteria ranging from Environmental Assets to Critical Assets, as well as other policies and guidelines for service providers, devices, and other digital assets.

“Each agency should craft your own cybersecurity or cybercrime strategy aligning with this plan,” he said.

Threats encountered in the PH cyberspace

The Philippines is a hot target for cybercrime due to the increasing digitalization of services, rising internet penetration, and lack of cybersecurity awareness in the country, DICT said.

“Nagiging favorite [place] tayo iattack ng mga actors na yan… Nagiging oportunidad sa kanila ng attackers,” Tardio commented.

(We are becoming the favorite [place] for these actors to attack… It is becoming an opportunity for attackers)

Among the listed common cyber threats experienced in the Philippines were malware, Phishing, Ransomware, Denial-of-Service (DoS) attacks, Social Engineering, and Zero-Day Attacks.

To combat said issues, DICT recommended implementing general security measures, which include implementing cybersecurity policies, regularly updating software and systems, and conducting cybersecurity awareness training.

“The digital landscape is constantly evolving, creating new opportunities and challenges. It’s really evolving, it changes every second kapag nagiimbestiga po kami. Hindi sila nasasatisfy na okay na ito at nakita ko na ang kahinaan ng agency,” he said.

(The digital landscape is constantly evolving, creating new opportunities and challenges. It’s really evolving, it changes every second when we are investigating. They are not satisfied with just knowing the weakness of an agency)

The NCSP 2023-2028 was created under Executive Order No. 58, Series of 2024 was implemented under President Ferdinand Marcos Jr.’s  Executive Order 58, "as part of the administration's efforts to strengthen the security and resilience of the country's cyberspace."

“The NCSP 2023-2028 is hereby adopted as the whole-of-nation roadmap for the integrated development and strategic direction of the country's cybersecurity," according to EO 58.

Amid present threats, DICT vowed to increase cybersecurity, growing partnerships, and investment in cybersecurity as a positive outcome to the growing cyberspace in the country.—LDF, GMA Integrated News