|
Getting your Trinity Audio player ready...
|
In a world where technology is advancing at an unprecedented rate, concerns about data privacy, cybersecurity, and ethical considerations are mounting. With the rapid evolution of technology comes the need for responsible innovation in the realm of cybersecurity, and recent developments underscore the urgency of this call.
Recent reports reveal a concerning 8% surge in global weekly cyberattacks during the second quarter of the current year, marking the highest volume seen in the past two years. These statistics underscore the critical significance of cybersecurity, accentuating that it serves not only as a protective measure but also as a foundational business enabler capable of unlocking strategic opportunities for sustained organisational expansion and development.
The Philippines, in particular, has experienced a mushrooming of threats, ranking fourth globally in terms of the highest incidence of cyberattacks. Over the period from 2020 to 2022, the country recorded around 3,000 cyberattacks, with a significant portion of these targeting government systems and networks. This underscores the critical necessity for robust cybersecurity measures to safeguard sensitive government data and infrastructure.
Adding to the concern, the Cybercrime Investigation and Coordination Centre (CICC) reported a striking 152% increase in cybercrime cases in Manila during the first half of 2023 compared to the same period in the previous year.
In light of the increasing cybersecurity threats, the adoption of new policies to enhance cybersecurity is considered vital. This necessity applies to both governmental institutions and private organisations. These measures are designed not only to protect data and systems but also to ensure the well-being of employees and foster trust within these organisations.
One proposed strategy is the “Prevention First Approach,” characterised by its three Cs: Comprehensive, Consolidated and Collaborative. Leveraging cutting-edge technology, including big data threat intelligence and advanced artificial intelligence (AI), this approach is designed to predict and prevent advanced threats across a wide spectrum of digital domains.
To fortify cybersecurity infrastructure and capabilities, organisations need to be equipped to detect and neutralise emerging threats proactively. This entails the adoption of a comprehensive suite of security solutions, encompassing firewalls, intrusion prevention systems, and advanced threat protection. These components together form a multi-layered security architecture, ensuring a robust defence against cyberattacks.
By embracing these innovative technologies and reinforcing cybersecurity infrastructure, organisations can not only protect themselves from the evolving threat landscape but also create a safer digital environment in an increasingly interconnected world.
In the face of growing challenges, responsible innovation, collaborative efforts, and the implementation of robust cybersecurity measures pave the way for a more secure digital future.
The OpenGov Breakfast Insight on 27 October 2023 at Shangri-La The Fort Manila, provided a platform for various technology leaders from both the public and private sectors to engage in discussions regarding the necessary preparations organisations must undertake to thwart cyber threats that can strike at any moment.
During this event, participants exchanged thoughts, shared ideas, and discussed their experiences, fostering mutual support and bolstering cybersecurity to enhance the Philippines’ resilience for the benefit of future generations.
Opening Remarks
Mohit Sagar, CEO and Editor-in-Chief of OpenGov Asia acknowledges that ASEAN is currently at the centre of international attention. This region is seen as a very promising economic growth potential for countries around the world in the future. ASEAN’s superiority in terms of economic potential further strengthens its position as a major player on the global economic map.
The ASEAN region has various supporting factors that make it a very attractive investment destination. ASEAN’s success in opening up to international trade, infrastructure progress and stable economic growth have become strong drivers of foreign investment interest. Hence, ASEAN provides unique business opportunities for global economic players.
“Future economic progress must be in line with increasingly important developments in technology and cyber security,” Mohit notes. “In the digital era that continues to develop, technology plays a key role in supporting economic growth. However, as technology advances, risks related to cybersecurity also increase.”
Countries and businesses need to recognise that sustainable economic growth must be balanced with investment in cybersecurity. Threats such as cyberattacks, data theft, and privacy breaches can have a detrimental impact on the economy. Therefore, efforts need to be made to protect digital infrastructure and economic data from this threat.
Investments in cybersecurity technology and efforts to strengthen policies related to data protection are key in ensuring that economic progress is not disrupted by cyber risks. Apart from that, collaboration between the public and private sectors in building a strong cybersecurity ecosystem is also crucial.
Enhancing cybersecurity involves a multifaceted approach. Firstly, organisations should adopt a comprehensive strategy that combines cutting-edge technology, robust cybersecurity best practices, and well-defined policies.
This unified approach helps protect digital assets and operations by addressing a wide array of threats and vulnerabilities. By leveraging advanced tools, following security guidelines, and implementing robust policies, organisations can minimise potential risks
The second key strategy focuses on gaining tactical advantages within an ever-evolving threat landscape. This entails streamlining security operations, reducing complexity, and improving the overall efficiency of cybersecurity measures.
As cyber threats become increasingly sophisticated, simplifying the security infrastructure and processes can empower organisations to respond swiftly and effectively to emerging challenges, ensuring the integrity and resilience of their digital systems.
Mohit also stresses the importance of protecting and monitoring workloads in cloud environments. As businesses continue to migrate their applications and data to the cloud, the need for robust security measures and continuous monitoring becomes paramount. This ensures that cloud-based workloads are shielded from potential threats and vulnerabilities, safeguarding critical data and operations in the digital sphere.
“Cloud security is not just a desirable feature; this is an absolute necessity to protect corporate interests, maintain consumer trust, and ensure long-term success in the digital era where data and technology play a central role in business operations,” Mohit observes.
He believes that organisations can reduce the risk of security events, preserve sensitive data, and maintain business continuity by prioritising cybersecurity and establishing suitable protective measures for their digital assets, data, and procedures.
Welcome Address
Tin Morales, the Philippines Country Manager for Check Point Software Technologies Ltd, acknowledges that ransomware, a malicious form of cyberattack that holds critical data hostage for financial extortion, has emerged as an escalating threat in the digital era.
She underscores the crucial need to accelerate collective endeavours against ransomware to confront the increasing menace of such attacks, acknowledging the imperative for swift action given the adaptability and persistence of cyber criminals.
“Accelerating anti-ransomware strategies is not just a priority; it’s a necessity,” Tin believes. “In the digital landscape, the need for speed is paramount. Cybercriminals are swift to adapt, and we must be even quicker, more agile, and more innovative in our response.”
Check Point Software Technologies, with over three decades of cybersecurity experience, is at the forefront of providing solutions to mitigate the ransomware threat. The company’s mission is clear: to secure the digital future by developing innovative tools and practices.
Tin emphasises the importance of collaboration in these efforts, as organisations’ collective intellect, shared experiences, and pooled resources are considered critical in establishing an effective defence against ransomware. She urged attendees to encourage collaboration within their organisations, among colleagues, and with technology partners such as Check Point.
Tin explains that the first line of defence lies in education and training. It’s not enough to rely solely on technology solutions; instead, organisations must cultivate a culture of awareness and readiness from within. This begins with educating employees at all levels about the risks and implications of ransomware attacks.
“Team members should understand how these attacks occur, how to recognise phishing attempts and the importance of promptly reporting any suspicious activity,” Tin elaborates. “Such knowledge empowers individuals to become the first line of defence, as they can take immediate action to prevent an attack from escalating.”
Raising awareness is a central component of this preparedness strategy. It involves consistently keeping employees informed about emerging threats, tactics used by cybercriminals, and the latest best practices for staying secure. Awareness campaigns, regular training sessions, and simulated exercises to test incident response are all part of this proactive approach.
The paramount objective of this emphasis on education and training is to create a cybersecurity-conscious workforce. When every team member is a vigilant defender of their organisation’s digital assets, the overall resilience against ransomware attacks is significantly strengthened. It is not only the responsibility of the IT department or cybersecurity experts but a collective effort involving every employee.
Tin strongly feels that emerging technologies, such as artificial intelligence (AI), machine learning (ML), and automation, play a pivotal role in enhancing the security of digital assets. These advanced tools enable organisations to swiftly and effectively detect and counteract threats as they emerge in real-time.
With AI and ML algorithms continuously analysing vast datasets and patterns, they can identify potential risks and vulnerabilities faster than traditional methods, providing a proactive defence against cyber threats, thus bolstering overall digital security.
With a commitment to resilience, proactivity, and collaboration, the Philippines is on the path to a safer and more secure digital landscape. Tin was confident that the OpenGov Asia event would foster productive discussions and innovative ideas and would forge new partnerships In line with the country’s ambitions and targets.
“We must understand the urgency of accelerating cybersecurity measures and the need for swift, unified action in response to the escalating threat of ransomware attacks,” Tin concludes. “We must recognise the pivotal role of education, collaboration, and emerging technologies in bolstering digital security.”
In Conversation With
According to Carlos Tengkiat, Chief Information Security Officer, Rizal Commercial Banking Corporation, financial institutions across the globe have successfully implemented cutting-edge AI-powered security systems to safeguard their operations against the growing menace of cyber threats. These advanced security measures have proven to be highly effective in halting hacking attempts and data breaches, ensuring the safety of sensitive customer information.
He highlighted a case of a major global bank that has embraced AI-powered security solutions, enabling continuous monitoring of network traffic. These systems swiftly recognise unusual patterns and potential threats, empowering the bank to identify and mitigate security concerns before they escalate into major breaches.
Another example involves an American multinational financial services corporation that has similarly incorporated AI-driven solutions to enhance its security initiatives. Through the utilisation of AI algorithms for real-time analysis of customer transaction data, the bank can promptly detect and mitigate fraudulent transactions, thus upholding the integrity of their financial services.
Similarly, a prominent UK-based bank harnesses AI to reinforce its security framework, where machine learning (ML) algorithms are instrumental in recognising anomalies in user behaviour, and promptly signalling potentially compromised accounts. This proactive strategy has led to a substantial decrease in unauthorised access attempts.
“Such examples underscore the critical role that AI and ML play in the ongoing battle against cyber threats within the financial industry,” Carlos believes. “These technologies empower organisations to detect and respond to potential breaches in real-time, enabling a proactive defence against hacking attempts and data breaches.”
The use of AI in financial cybersecurity has transitioned from a cutting-edge concept to a fundamental element in the protection of sensitive customer data. These proactive measures have proven their worth, providing customers with a higher level of confidence in the security of their financial transactions.
As the CISO of RCBC, Carlos believes that cybersecurity is no longer a passive defence but a proactive enabler of seamless operations. Under his guidance, RCBC has adopted a multi-faceted cybersecurity approach to protect customer information and critical financial data, leveraging cybersecurity as a cornerstone of optimising organisational productivity and efficiency.
RCBC has instituted stringent data protection measures to ensure the confidentiality, integrity, and availability of sensitive data. This strong foundation serves as a pillar for secure operations, preventing data breaches that could disrupt productivity.
The bank’s cybersecurity team employs advanced threat detection and monitoring tools. This real-time visibility into the network enables the swift identification and response to potential threats, ensuring secure and uninterrupted operations.
Well-defined incident response plans are in place, reducing downtime and minimising the impact of security incidents on productivity. Moreover, RCBC invests in educating its employees about the latest cybersecurity threats and best practices. Informed employees are vital to maintaining both security and productivity.
RCBC has also implemented secure remote work solutions, enabling employees to work from anywhere without compromising security. This enhances operational efficiency and adaptability, especially during unexpected disruptions. With this, fine-tuned access controls ensure that employees have the right level of access to systems and data, reducing the risk of unauthorised access and data breaches.
Carlos stressed the importance of evaluating and mitigating cybersecurity risks tied to vendors and third-party partners, underscoring the significance of this proactive approach in maintaining supply chain continuity and uninterrupted services.
“We explore innovative cybersecurity solutions, including automation and AI,” Carlos explains. “These technologies streamline security processes, allowing the security team to focus on complex threats and improve operational efficiency.”
Carlos is convinced that cybersecurity serves as a catalyst for both efficient and secure operations, highlighting how RCBC’s investment in a comprehensive cybersecurity strategy ensures the resilience of its systems, data, and operations against evolving threats. Ultimately, it is safeguarding the organisation and its customers while optimising productivity and efficiency throughout all facets of the business.
Vivek Gullapalli, the Global Chief Information Security Officer for APAC at Check Point Software Technologies Ltd, underscores the indispensable role of real-time threat intelligence in the battle against cyber threats, showcasing its effectiveness in addressing various real-world security scenarios.
In a series of real-world scenarios, real-time threat intelligence proved to be a critical asset for various organisations. In a multinational corporation, it swiftly detected unusual network activities and thwarted an APT group’s attempt to exfiltrate data, minimising potential damage.
Vivek shared that a large financial institution successfully employed this intelligence to identify and prevent phishing attacks, safeguarding its employees and bolstering cybersecurity awareness. Likewise, an international tech company reacted promptly to a zero-day vulnerability, creating a patch to protect its software and users.
These instances show the indispensable role of real-time threat intelligence as an early warning system, enabling organisations to proactively address security risks in the rapidly evolving digital landscape.
“To prevent ransomware threats, organisations must adopt a multifaceted strategy, and Check Point Software Technologies Ltd offers a comprehensive suite of solutions to address these challenges,” says Vivek. “Check Point employs advanced threat prevention solutions, harnessing AI and ML to detect and thwart ransomware attacks in real-time.”
Vivek emphasises the importance of implementing a zero-trust security model and highlights Check Point’s role in verifying and authenticating users and devices to ensure authorised network access, particularly in the context of secure remote work solutions.
Vivek stresses the importance of user awareness training and educating employees about identifying phishing emails and suspicious attachments. Moreover, he underscores the significance of various security measures, including network segmentation, threat intelligence, incident response planning, backup and recovery solutions, compliance adherence, and security patch management, in Check Point’s comprehensive approach to ransomware prevention.
“These measures collectively strengthen an organisation’s cybersecurity posture and reduce vulnerability to ransomware threats, offering a secure digital environment in an evolving threat landscape,” he believes.
Check Point as a software technology company has implemented a range of safeguards and solutions to combat data theft and unauthorised access to cloud resources. Their approach encompasses Cloud Security Posture Management (CSPM) tools for continuous monitoring and misconfiguration detection, Identity and Access Management (IAM) for granular access control, and Data Loss Prevention (DLP) solutions to prevent data leakage.
Besides, Zero Trust Network Access (ZTNA) and Multi-Factor Authentication (MFA) enhance access security, while threat intelligence and real-time monitoring promptly detect and mitigate unauthorised access attempts. Check Point also provides cloud-native security solutions, compliance and governance tools, incident response planning, and security automation to bolster cloud security defences.
“This comprehensive approach ensures organisations can protect their cloud resources and sensitive data in the dynamic digital landscape,” Vivek assures the delegates.
Closing Remarks
Tin expressed her gratitude to all the delegates who actively participated in discussions focused on strengthening the Philippines in the face of future cybersecurity challenges. She conveyed her confidence in the collaborative efforts of the government, private sector, and all stakeholders, highlighting their role in laying a solid foundation for the development of a secure and sustainable cyber environment in the Philippines.
Tin is optimistic that the Philippines can strengthen its cyber defences, protect sensitive data, and maintain business security in an increasingly complex digital era. With proactive measures and the right security solutions, they can achieve long-term success and resilience against existing cyber threats.
“Cybersecurity is not a burden that must be borne solely by the government. It is a shared responsibility to maintain the integrity of the country and protect the well-being of future generations,” Tin says. “In a world that is increasingly connected and dependent on digital technology, all communities and organisations have an important role to play in maintaining a safe and reliable cyber environment.”
Mohit agrees that collaboration between the government, the private sector, academia, and civil society is vital as it enables the sharing of knowledge and facilitates discussions and joint efforts to establish robust and effective cyber defences. Such collaboration will play a crucial role in safeguarding sensitive data, ensuring business continuity, and providing a strong foundation for future generations.
“The ASEAN region, renowned for its dynamism and economic growth, can further solidify its reputation as a centre for technological and cyber security advancements,” Mohit is convinced. “By joining forces, ASEAN nations can unlock the vast potential that digital technology offers while ensuring that this growth is sustainable and secure.”
Mohit is confident that ASEAN can lead the way in showing the world how a region can thrive in the digital age, preserving the integrity of its networks and data while continuously pushing the boundaries of technological advancement.
