Duterte Year 2: Is the Philippines secure online?
MANILA, Philippines – As the world increasingly looks toward a digital future, cybersecurity becomes of paramount importance, not only in preventing cybercrimes from happening, but also in mitigating the damage from attacks online.
While the world stage is seeing an increase in various attacks, it's up to individual countries to find their way across the digital landscape and keep people safe.
Let's take a look at the state of cybersecurity around the world, and know what experts have to say about the Philippine cybersecurity landscape.
More new threats around the world
Akamai's latest State of the Internet – Security report analyzed current cyberattack trends for a 6-month period from November 2017 to April 2018. It found there was a 16% increase in total distributed denial of service (DDoS) attacks, with record amounts of bandwidth being used to trample legitimate services. (READ: GitHub down only less than 10 minutes after massive DDoS attack)
According to Kaspersky Lab Southeast Asia's general manager Siang Tiong Yeo, cybercriminals around the world are "upping their game."
Siang added, "There are not just increased numbers of attacks but the level of sophistication of each malware they develop has also been improving consistently."
Paul Oliveria, Trend Micro Technology communications lead, meanwhile, noted seeing "the continued prevalence of digital extortion, business email scams, business software being at risk of manipulation, and cybercriminals taking advantage of vulnerabilities in IoT devices, among others" in its cybersecurity predictions for 2018.
In Trend Micro's 2017 roundup of cybersecurity issues, they also pointed to ransomware bringing about more global outbreaks despite having fewer major parties involved in attacks. Meanwhile, old threats are making way for more adaptable types that can exploit vulnerabilities in new ways. The boom in cryptocurrency has also inspired new types of attacks – cryptocurrency mining malware in particular.
How the Philippines deals with attacks
Oliveria and Siang say the Philippines is on equal footing with the rest of the world when it comes to knowing about the dangers of cyberattacks and data privacy – a statement made more noticeable by how often cybersecurity companies say we get attacked.
Kaspersky Lab said that, as of June 25, 10:30 am, the Philippines ranked 24th as most-attacked country globally. It also said the company blocked 674,147 web threats and 5,876,500 spam emails from June 17 to 23.
Siang said the Philippines "made great strides with the passage of its Cybercrime and Data Privacy Laws – these are immensely significant laws from where national policies are solidly anchored on."
Siang added, "We also believe that the programs of the Department of Information and Communication Technology, such as its National Cybersecurity Plan 2022 and the much-anticipated setting up of a cybersecurity body, would allow the government to deliver its promise of protecting the people's data and privacy."
Oliveria meanwhile said: "Individuals are more aware or conscious about their privacy. More employees, clients, and consumers are demanding for better security practices from companies or organizations handling their personal data."
The General Data Protection Regulation (GDPR) of the European Union may also help improve the country's data protection practices.
Knowing threats exist, however, is different from doing something about them. This leads to the major deficiency in the Philippines when it comes to being a secure country online.
The skills gap
Oliveria said there is a global cybersecurity skills gap and the gap affects the Philippines as well.
He explained: "The 2017 Global Information Security Workforce Study by Frost & Sullivan for the Center for Cyber Safety and Education estimates a global shortage of 1.8 million cybersecurity professionals by 2022. It also reported that 61% of professionals in the APAC region indicate that there are not enough information security workers in their departments."
There is also an uneven distribution of skilled cybersecurity professionals around the world, owing to the digital divide.
Oliveria said: "Department of Information and Communications Technology Assistant Secretary for Cybersecurity and Enabling Technologies Allan S. Cabanlong has said that there are only 84 certified information security systems professionals in the country, and almost half of them work overseas."
This lags behind the Philippines ASEAN neighbors: Indonesia has 107, Thailand has 189, Malaysia has 275, and Singapore has 1,000.
The skills gap also presents itself as part of the effects of the K-12 education program, with fewer students in the interim graduating from college to potentially learn about cybersecurity and shore up the country's cyber industry.
What can the Philippines do?
Aside from investing in infrastructure to allow people to get online, there must also be investments made to eliminate the skills gap – by investing in people learning more about technology, and providing avenues where they can be properly compensated for their knowledge and skills.
The challenges the country faces when it comes to cybersecurity will only grow with time.
The government, aside from finding the right laws to enact to protect people online, must also nurture people who can do the work to support the country's cyber-initiatives. – Rappler.com