The Duterte administration’s priority program, the creation of a national broadband infrastructure, has drawn the support of one of the world’s top PC makers who urged the government to invest on technology to ensure data security and protect confidential information from cyber criminals.
The Department of Information and Communications Technology (DICT), the lead agency charged with implementing the program, has been at the forefront these efforts.
In line with this, OpenGov Asia recently invited Lenovo Enterprise Sales Specialist Bryan Beronilla to talk about cybersecurity. He shared his insights and expertise about data security and advised government agencies to treat cybersecurity as an imperative and not just an option.
“Hackers tend to target government agencies because of the preconception that these agencies do not yet have a proper set of security protocols in place making them the most frequently targeted by hackers,” Beronilla said. “Also, the confidential data collected by the government automatically makes them a gold mine for hackers,” he added.
Cybersecurity is particularly relevant now given that two high-profile incidents last year—the Bangladesh bank heist and hacking of Philippine election data of the Commission on Elections—demonstrated the weakness of the country’s security infrastructure network.
The issue also gains urgency at since the country experienced tremendous economic growth and was hailed as Asia’s fastest-growing economy in the second quarter of 2016. Beronilla said that to sustain this growth and push development further, the country must improve its data security.
According to the 2017 State of Malware Report by Malwarebytes, the Philippines is now the world’s “botnet haven” because it accounted for more than 50 percent of botnet detections in the Asian region. It also added that the country is home to a disproportionately large source of banking Trojan malware.
This issue resurfaced during the OpenGov forum when participants from the government sector admitted that they lack the personnel and technology to combat cyber threats and that “internal hacking” is a frequent issue alongside the overlooking of authentication processes.
To achieve a secure cyber environment, Beronilla advised government agencies to first develop a defined data security protocol, even before they acquire any technology.
“A strategy allows for centralized control, decision-making, and is the only way that policy, funding, and action can be coordinated to solve a common problem which, in this case, is the protection of data. Having a defined IT and Information Management Strategy is crucial as this essentially lays the foundation of the data security protocols and measures to be applied,” he said.
Michael Ngan, Lenovo Philippines Country General Manager, recommended that agencies approach data security holistically by considering it as an imperative rather than an expense. he creation of a department solely dedicated to protecting data is also a necessity, he added.
“By developing a separate group, agencies can now gather crucial data which can be used to track where and how data flows, allowing the agency to protect data at every stage and in every part of their infrastructure. This is similar to data being water and infrastructure as pipes. If you want to ensure that there are no water leaks then you have to visit and fortify every pipe in which water flows,” Ngan said.
Ngan also urged the government to train their employees on the basics of data security.
“Security breaches can come from anywhere, from external and internal means to physical and digital means.
This alone makes educating employees a crucial part in the government’s national broadband plan,” he said.