HEADLINES about cyberattacks, cybercrimes and concerns over data breaches have not escaped the news agenda in the Philippines, alongside discussions for better data protection.
At some point, we have all read about instances where cybercriminals have maliciously leaked or stolen crucial information from organizations and individuals. This information, such as confidential company data and emails, personal records like IDs and addresses, and financial packages, have been taken from virtual data servers that are either unprotected or secured with antiquated security controls, which are ineffective in the context of today's threat landscape.
Looking ahead, one of the top priorities of the new administration must be on strengthening the country's national cybersecurity, as this would be key in supporting the country's economic development goals and enabling it to participate more meaningfully in the fast-growing digital economy.
The journey to reaching a state of cybersecurity in the Philippines where its citizens and businesses are sufficiently prepared against cyberattacks is still a work in progress. In today's highly connected landscape, how could the various stakeholders in the ecosystem — be it government agencies, businesses or industry associations — work hand-in-hand to mitigate the risks of cyber threats and build a secure digital landscape?
Lay of the 'digital' land
delivered to your inbox
What most people may not be aware of, is that the internet was only invented around 40 years ago, and Filipinos are big fans, clocking in an average of 10.27 hours per day as of January 2022. In the last 10 years or so, the Philippines has made some strides in advancing the country's state of digital technologies.
On a national level, the Philippine government is already taking measures to implement regulatory frameworks that would shape cybersecurity policies. Years have passed since the National Cybersecurity Plan 2022 was unveiled in May 2017, with the aim of assuring the continuous operation of the nation's critical infrastructures, public and military networks, and protecting small and medium enterprises to large businesses, corporations and its supply chains, as well as every Filipino using the internet.
Across the country, the promise of greater digital transformation, however, is clear: greater digital inclusion for Filipinos and tremendous growth in digital payments are just some conveniences and opportunities that have become available, as a growing number of people get more and more connected to digital services and each other.
As the pace of digitalization continues to pick up, for the nation to keep itself secure as well as reap more benefits from the booming digital economy, here are some key considerations and measures to guard against cybercrime and cyberattacks.
Threat intelligence, detection
The International Criminal Police Organization, commonly known as Interpol, and police forces around the world would sometimes issue "Wanted" posters with information about suspects. Similarly, cyber threat intelligence contains information about what current threats look like and where they come from. As the saying goes, "prevention is better than cure." To that end, threat intelligence is all about acting on valuable real-time information to defend against any potential incoming attacks, so as to successfully mitigate attacks heading your way.
Trust no one
Trust is important in all relationships. You do not allow anyone you don't trust to look through your phone or take care of your belongings.
Trust is especially integral in cybersecurity. This is where the concept of "Zero Trust" security comes in — a Zero Trust security model is based on the principle of maintaining strict access controls and not trusting anyone by default, even those already inside the network perimeter. A Zero Trust model means no one is trusted from the get-go. Conversely, a traditional IT network security tends to trust anyone and anything inside the network, giving free rein to an attacker who has penetrated the network to move laterally within the network, eventually getting hold of valuable information or being able to deploy malicious software such as ransomware inside the environment.
As the Philippines become more reliant on digital systems, a Zero Trust approach to security is a must. As verification is required from anyone trying to gain access to resources on the network, there is an added layer of security, which goes a long way in deterring cybercriminals and preventing breaches. Fortunately, the majority (86 percent) of Asia-Pacific organizations are turning to Zero Trust security models to secure their networks, according to Cloudflare's APAC Zero Trust Survey 2021. Of those that have yet to implement Zero Trust, 58 percent said they would be implementing a Zero Trust strategy in the next 12 months.
Practicing good cyber hygiene
Employees continue to be the prime target for hackers to gain access to corporate networks, an issue that has only been exacerbated by the pandemic. This is because the rise of remote working environments also means more people are increasing their digital footprint and the use of their personal mobile devices. According to the Cybersecurity and Infrastructure Security Agency (CISA), more than 90 percent of successful cyberattacks start with a phishing email. This underscores the need for more robust systems and better education, so employees are able to stay ahead and avoid getting lured into hackers' traps. It is important that the government and organizations promote cybersecurity education and awareness, so the billions of people on the internet could stay safe online.
Whether you're a seasoned IT professional or a novice website operator, it's always a good idea to practice good cyber hygiene and stay vigilant. This means abiding by best practices such as not reusing passwords across accounts, using multi-factor authentication, keeping software up to date, and being extra cautious about clicking on links in emails. These simple, immediate actions would ensure that you keep your online presence secure in a distributed environment.
The government, organizations, big and small and even end-users, all need to play a part in order to set the foundation for a more secure digital landscape, and the risks for cyberattacks could be lowered significantly. In the long term, with improved cybersecurity governance and stronger cyber walls, Filipinos could look forward to a safe, secure and stable digital world — provided they too play their part in becoming more knowledgeable on cyberthreats, and not fall victim.
Satyen Desai is Cloudflare vice president for Southeast Asia and Korea.