A LAWMAKER has called on his colleagues to work on the speedy approval of pending bills that aim to protect the country’s digital infrastructure from cyberattacks.
Rep. Brian Raymund Yamsuan of Bicol Saro party-list made the call following a recent executive order of President Ferdinand Marcos Jr. adopting the government’s National Cybersecurity Plan (NCSP).
Yamsuan also welcomed reports that the President, along with Japanese Prime Minister Fumio Kishida and US President Joe Biden, will firm up plans to set up a joint cyberdefense framework when the three leaders meet in Washington on April 11.
“The National Cybersecurity Plan adopted by the President, complemented by strengthening multilateral ties with our allies, and passing pending bills in Congress that aim to transport our country’s safety into the digital era will help fortify our defenses against increasing cyberthreats and other intrusions,” Yamsuan said.
He said one of his co-authored measures—House Bill (HB) 8199–provides the starting point for the Department of Information and Communications Technology (DICT) to effectively implement its NCSP that was adopted by the President through Executive Order (EO) 58 issued last week.
The NCSP outlines a whole-of-nation roadmap aimed at strengthening the security and resilience of the country’s cyberspace, while HB 8199 prescribes security measures to critical information infrastructure (CII) institutions to protect their digital assets from risks, threats and attacks, Yamsuan said.
Under the bill, CII institutions include banks and other financial institutions; emergency services and response agencies; broadcast media; the industries of health, energy, telecommunications, transportation, and water, to name a few.
On the other hand, HB 8199 designates the National Computer Emergency Response Team (NCERT) as the government’s centralized reporting mechanism for information security incidents.
The bill also requires all government agencies to assign at least one staff member with sufficient information security training and credentials as point person in ensuring compliance with NCERT’s reporting requirements and adherence to prescribed standards. That person also tasked to build the information security capability of the agency where he or she is assigned.
“This measure complements the NCSP and is a good jump-off point in accomplishing one of the plan’s primary objectives, which is to ensure convergence among all government agencies in protecting our country from cyberattacks,” Yamsuan said.
Yamsuan said while several government agencies already have some sort of mechanism to boost their cybersecurity capabilities, a unified system of setting up minimum security standards, monitoring, detecting and mitigating threats needs to be established.
Other measures that also support the NCSP are HB 7393 or the proposed Anti-Financial Account Scamming Act, HB 9888 or the Financial Literary and Fraud Prevention for Workers bill; and HB 7976 that classifies phishing and other forms of online fraud as acts of economic sabotage.
“The early passage of these bills and other similar measures pending in both the House (of Representatives) and the Senate will help make the country’s digital space safe for every Filipino,” Yamsuan said.
According to the DICT, the Philippines has been increasingly vulnerable to cyberattacks.
Its NCERT monitored 57,400 cybersecurity threats, and handled 3,470 incidents from 2021 to February 28, 2023.
The top three cybersecurity threats were malware (48.9 percent); data leakage (12.5 percent); and compromised websites (12.4 percent), according to NCERT data.
An overwhelming majority of these threats targeted government emergency response systems, the academe, and the telecommunications sector. Even the websites of the House, the Senate, Philhealth, the Department of Science and Technology (DOST), and the Philippine Statistics Authority (PSA), among others, have been hacked.