Cyber defense and geopolitical experts urged the government to close ranks with the private sector and collaborate with state allies in fighting cybercrimes.
In the forum held recently on the establishment of a strong and credible cyber defense posture in the Philippines hosted by the Stratbase Albert del Rosario Institute in partnership with the US Embassy in the Philippines, former director of the United States National Security Agency’s Threats Operations Center Dan Ennis said government and private sector partnership is key in fighting cybercrimes.
“The biggest strategy you can do, from my perspective, to defeat cybercrime is by sector, by entity, by company, by government agency, by wherever you sit. Set a set of priorities that you will focus on and then communicate those priorities again and again and again. They may change over time, but that communication will do a lot of good, both in helping defend and helping our public gain confidence that we know what we’re doing both in the government and in the private sector,” he said.
Ennis believes cyber threats will continue to evolve as seen in recent developments.
“I think our citizenry are going to begin to challenge us both in the public and private sphere with how we respond to cyber. At some point, our citizenry, our public, as they get more educated and as we attempt to fully educate them, is going to demand solutions. It’s an area that we need to be conscious of,” Ennis added.
Similarly, the Department of Information and Communications Technology said it is also pursuing public-private partnerships to secure the cyberspace amid budget cuts in 2023.
DICT Undersecretary for Special Concerns Paul Joseph Mercado said the agency originally asked for a P34 Billion budget for next year but only P5 Billion was allotted in the proposed 2023 national budget.
“We are trying to make do with what we have. We will try to pursue public-private partnerships. There are ways even with limited budget. If we spend this correctly, I think we will still have a very good future ahead of us in terms of these ICT projects,” Mercado said.
The National Bureau of Investigation earlier said that there was a more than 200% increase in phishing cases reported to the agency in 2020 while the Department of Justice’s Cybercrime Office also reported a 264% increase in the number of reported online sexual exploitation of children in March-June 2020 alone.
A 2021 survey by Cybersecurity firm Sophos also showed that 69% of Philippine organizations experienced ransomware attacks in 2021. The Bangko Sentral ng Pilipinas also reported receiving 42,000 complaints related to online transactions in 2020-2021, amounting to P540 Million.
Stratbase ADR Institute President Dindo Manhit urged the Marcos Jr. administration “to explore opportunities to engage in bilateral, minilateral, and multilateral initiatives such as capacity-building and expertise-sharing activities with like-minded partners such as the United States.”
Manhit said cybersecurity must be treated as a matter of national security.
“The country’s digital infrastructure needs to be strengthened as a result of the ongoing exposure to cyber threats, thus policies and initiatives must be developed and put into action,” he added.
Recognizing that building a state’s cyber capabilities is a regional concern, Manhit stresses the need for collaboration in the Indo-Pacific region to enhance defensive and offensive cyber capacities, increase state interoperability, and ensure collective security.
“More importantly, the Stratbase ADR institute advocates for the responsible utilization and behavior of states and other actors in cyberspace and urges everyone to recognize that international law governs both online and offline spaces… the need for cybersecurity is an opportunity for cooperation among states in the region. Only by creating a strong and credible cyber defense posture will the Philippines and Indo-Pacific be able to achieve a secure and trustworthy digital community,” Manhit said.
United States’ Cybersecurity and Infrastructure Security Agency Program Manager Paolo Pascetta said relationship with its treaty allies in the region, including the Philippines, is a paramount importance to the United States as they confront threats from state and non-state actors.
Pascetta said CISA plans to hold training sessions on cyber hygiene and cyber work force development in Manila in the early 2023.
“I don’t think that it’ll come as a surprise that cybercrime is exploding. Various projections exist numerically anywhere from 4 to 6 trillion annually is the cost of cybercrime. It is also anticipated that the digital transformation as part of another industrial revolution that we are currently undergoing will create an estimated hundred trillion of additional value to the world economy by 2025,” Pascetta explained.
De La Salle University Assistant Professor of International Studies Francis Domingo also urged the government to strengthen the National Security Cybersecurity Plan by including diplomacy and the Department of Foreign Affairs in the framework.
“Diplomacy was not figured in the plan. The Department of Foreign Affairs was not part of the inter-agency framework. They are front and center because of what’s happening now, the increasing cyber skirmishes. So diplomacy means norms. Diplomacy means international law. We already have a set of cyber norms,” Domingo explained.
“I argue that if we’re facing, let’s be blunt, Chinese cyber operations, the logical strategy is to leverage our alliance because we already have it. Whether the treaty covers cyber is still in a gray area but it does not mean that we can’t focus on capacity building, we can’t focus on exercises, and we can’t focus on diplomacy,” he added.