Cyber Resilience

Powered by :

The University of Melbourne will deploy endpoint detection and response technology across its IT environment this year and improve its access to threat intelligence as part of a broader five-year cybersecurity uplift. Details of the uplift – which is currently in its second year – are contained in a submission by the University to a federal inquiry into national security risks affecting the Australian higher education and research sector.

The first year of the uplift had focused on reducing the university’s vulnerability to cyber threats while balancing a practical need for platforms that support academic autonomy and collaboration, it said.

In line with the experience of tertiary education providers around the world, the university routinely encounters and defends against cybersecurity threats, including sophisticated attacks that cannot be attributed to any known threat actors. The university is cognisant of the fact that advanced persistent threat (APT) actors regularly test its defences.

The university said it had recently run a threat modelling exercise with an external consultancy to provide a better understanding of the threats the university faces, but will also generate a controls library that will be mapped to an industry-standard framework (NIST).

This project will additionally generate a list of risks, associated threats, and clarify the university’s effectiveness of response, all leading to a stronger cybersecurity ecosystem, the university noted.

In addition, with biomedical researchers at the university conducting various Covid-19 work, the university said it had collaborated with the Australian Cyber Security Centre (ACSC) to run a cyber hygiene improvement programs (CHIPs) scan to provide the university with information for the purpose of visibility, analysis and risk management.

As the university moves into the second year of its five-year uplift, it intends to introduce an endpoint detection and response (EDR) capability into its IT environment. This will enhance the cybersecurity team’s ability to rapidly respond to threats even in remotely located university assets, the university said.

The EDR will be augmented by consuming a commercial threat intelligence feed to identify TTPs [tactics, techniques and procedures] for advanced threat actors and risk conditions.  In addition, a proactive threat hunting program will also be introduced to provide additional visibility into the environment.

The university said it had doubled the size of its cybersecurity team over the past two years. It has also rolled out multifactor authentication (MFA) for all staff accounts and will do the same for student accounts sometime this year.

Updating Australia’s cybersecurity

In an earlier article, OpenGov Asia reported that The Australian Cyber Security Centre (ACSC) is enhancing the Information Security Registered Assessor Program (IRAP) to strengthen the cybersecurity assessment framework. The agency has released an updated IRAP policy and a new IRAP Assessor Training module following an independent review of the program.

The enhanced program has been designed to help develop the capabilities of industry partners, increase the number of cybersecurity assessors and bolster national cybersecurity efforts. It has been developed in consultation with government and industry representatives.

Changes include increases to the standard and consistency of cybersecurity advice provided by IRAP assessors by requiring these assessors to maintain and demonstrate ICT security knowledge.

Other changes include a minimum requirement for IRAP assessors to maintain a Negative Vetting Level 1 Security Clearance, and enhanced governance arrangements in place for assuring IRAP assessors are performing their roles as independent third parties.

The ACSC has also established a revised five-day IRAP training course, which covers both IRAP and Information Security Manual fundamentals. The new policy will apply to all assessments initiated going forward, and current IRAP assessors will have 24 months to meet new requirements outlined in the policy.

The ongoing pandemic caused much chaos and upheaval across the world – in personal lives, businesses and governments. Many organisations, especially those proving necessary goods and services, needed to rapidly transform and adapt to the challenges posed by COVID-19. In times like these, vision and agility of top leadership are what is needed the most.

To get a deeper insight into the challenges and opportunities of rapid digital transformation in an organisation attending to the everyday needs of an average Singaporean, OpenGov Asia spoke with Ramesh Munamarty, CIO Advisor at TBM Partners and former Group CIO (Digital and Technology) at NTUC Enterprises Singapore and International SOS.

Right off the bat, Ramesh credited the agility of the business, innovation culture and business processes enabled by the right technology for ensuring the survival and success of organisations in these unprecedented times. Beyond doubt, survival has been to a large extent because of an agile business mindset coupled with cutting-edge technology and the highly innovative solutions created from them.

On his organisation’s journey of transforming as necessitated by the pandemic and the tools and technology that came to rescue, Ramesh shared, like numerous other organisations, his prior organisation, too, had begun its digital transformation journey to an extent before the pandemic.

In any organisation working together in an obvious must. The pandemic could have put an end to this, and, indeed, it was the case for several organisations. In their favour, one powerful tool that had been in place, which significantly helped employees work together efficiently, in his opinion, was an effective collaboration suite. Facilitating simultaneous editing and doing away with the need for sharing multiple copies of the same document as attachments, these platforms immensely assisted employees to work collaboratively on documents and presentations from remote locations.

Another major factor to manage for efficient remote work was ensuring a safe and secure working environment for all employees. Without a plethora of tech-driven tools and solutions, it would have been nigh impossible for organisations to facilitate remote work or even to survive for long. Various digital strategies, platforms and applications allowed for safe remote access, data sharing and confidential communication between staff working from geographically diverse locations, on various devices, using different ISPs.

The third practice that significantly helped them better serve their customers was the adoption of cloud. Without doubt, it was their comprehensive cloud adoption that helped them manage the tremendous online traffic spikes. With people being forced to transition life almost entirely online – work, education, business, shopping, banking and entertainment – the load on the internet, and consequently businesses, shot up astronomically almost overnight.

Speaking from experience, Ramesh feels that the intelligent use of technology can help organisations and enterprises, not only survive, but thrive. With a range of agile, scalable and abundantly available technology at hand, organisations must decide what works best for them. They must determine which tools can help them work effectively and securely and invest in them wisely.

Expanding on some of the learnings from his experience that can help leaders and organisations be better prepared for the next critical event, Ramesh was of the view that leaders need to be more agile and prepare outside the box.

A good example to understand this better would be the concept of business continuity plans (BCPs). While most organisations, pre-COVID, had business continuity plans in place, a number of them necessitated employees to be physically present in the office. The pandemic made short work of these contingencies, forcing organisations to scramble and come up with reactive, stop-gap arrangements.

The pandemic has taught us, as much a cliché as it may be, to expect the unexpected. Organisations must consider all different scenarios and look to make their BCP’s as comprehensive as can be. They need to have a growth mindset and learn from their mistakes. Enterprises need to constantly test their systems and processes to ensure that it is comprehensive and a number of different (including currently unexpected) scenarios are incorporated.

Ramesh observed that organisations that could not transition quickly, resorted to short cuts, throw away solutions or put together a patchwork of ad-hoc solutions which they later had to revisit and reinvest in, leading to wastage of time and resources.

With work, business and life moving online, data has become one of the most important assets of a company. But this resource is only as valuable as the actionable insights that can be derived from it. Data analytics can empower enterprises to be better informed about their customers, their markets and the environment at large – enabling better decision-making and creating customer-centric products and services. . Data can also be monetized to create an additional source of revenue. As technology becomes more accessible and cheaper, there really is no excuse for organisations to digitally lag.

In addition to having the agile mindset, innovation culture and the right technology, Ramesh felt that the boards of the organisations should enhance their role from being focused on fiduciary and compliance to broader technology oversight and assessing the risk associated with the digital transformation. This will necessitate the directors to be more digitally savvy and potentially have a technology committee where they can dive deeper into the transformation initiatives and provide oversight to reduce risks and align them to the broader strategic objectives.

As organisations become more flexible and cloud-based, the need to operate in a safe and secure network becomes even more important.  Data breaches are becoming more frequent and have become disproportionately more expensive. As digitalisation comes to the fore and takes centre stage from organisations, security becomes extremely critical. Enterprises must improve their information security maturity and make sure that not only are they protected, but the products and services they offer are secure and scalable. Organisations need to rethink their cybersecurity and more from a reactive to a proactive stance. This will allow them to quickly to roll out solutions for a diverse, remote workforce while simultaneously protecting data, client information and trade secrets.

With almost a full year behind, organisations now seem to be gradually adapting to the “new normal”.  Ramesh is optimistic that businesses will look to convert this crisis into an opportunity, tapping into the massive online market that the pandemic had created. One such opportunity is the ability of enterprises to harness and utilize global talent and the gig economy more easily. Remote working has enabled organisations willing and capable to source the best skillset at the most optimal price from across the globe.

As enterprises accelerate their digital transformations, it is also vital that organisations take a more outside-in approach to augment their current teams. This would mean getting a perspective from experts from in and out of one’s industry to provide an unbiased view and to help maximise the success of the initiatives. This will help the organisation become more disruptive and better equipped to take on challenges.

Finally, Ramesh emphasised the need to be more data-driven, a culture shift that needs to come from top leadership to and percolate across the organisation to all employees. In the past, decisions would be made by the leaders based on their instinct as they were not necessarily equipped with the right data. Significant advances have been made in the data analytics space now that enable organisations to get actionable insights in a proactive manner and also elevate to predictive analytics. This will not only enable organisations to make better decisions but will also prepare them for any unexpected eventuality.

As the world grapples with the lifestyle changes brought by the new normal, governments and organisations are seeing the need to set stricter security measures during this age of digital transformation. 

One of these institutions is the Philippine Senate which is looking at investigating alleged cases of hacked credit cards and online bank accounts. This announcement comes as these new forms of fraud continue to rise amid a steady increase in online transactions during the COVID-19 pandemic. 

In a media release, Senator Sherwin Gatchalian, the Vice Chairman of the Senate Committee on Banks and Financial Institutions, said that the resolution to probe into cases of phishing and online bank theft is an initial step to stem the growing number of these cases. The investigation is also seen to ward off future digital scams. 

The senator expressed concern about the sophisticated methods that have been devised to lure and scam the public through digital means. He added: “Despite the fact that we have mechanisms, it turns out that they are not enough so the thieves continue to carry out this kind of theft.” 

The Philippine government has initiated early on several initiatives aimed at addressing issues in cybersecurity and bank fraud. Among them is Republic Act 8484 otherwise known as the Access Devices Regulation Act. It outlines liabilities of parties in commercial transactions by regulating the use of access devices like cars, codes, account numbers and electronic serial numbers.  

Similarly, RA 9792 or the Electronic Commerce Act of 2000 was adopted to foster an information technology-friendly climate that supports information and communications technology products and services. The Act covers any data message and electronic document in both commercial and non-commercial activities like international dealings, transactions and arrangements. 

The Cybercrime Prevention Act of 2012 builds on the foundation set by the E-Commerce Act. As the government continues to harness the advantages of leveraging digital products and solutions, the Cybercrime Prevention measure aims to combat offenses related to online transactions and arrangements by “facilitating detection, investigation and prosecution at both the domestic and international levels.” Aside from this, the current Data Privacy Act is being carried out to set security measures to shield valuable consumer data gathered from different transactions. 

The senator also underscored that although these legislations have been helpful in improvising schemes to prevent data breach and theft, the public remains vulnerable to online activities like phishing, hacking and stealing of personal information.  

These scenarios have been made more apparent today with consumers increasingly looking at the ease and convenience brought by digital programmes in helping them accomplish their everyday, mundane routines. At the onset of safety restrictions and health protocols, new software applications have been devised, particularly in online shopping and promotion of cashless, virtual transactions. One of these efforts is in the transportation sector. As reported by OpenGov Asia, cashless payments in tollways have already been adopted to ease traffic congestion. 

The senator said that with the proliferation of this wide array of digital schemes, there may be loopholes and aspects not covered by existing laws in the country. One of the solutions to this hurdle is to encourage institutions that offer digital transactions to reinvent their existing online procedures and fortify their security programmes. This way, data security will be made effective. 

To further explain, the senator highlighted that the onus in ensuring data security for bank transactions is on financial institutions. He emphasised, “[The] obligations of banks and companies offering lighter electronic transactions [are to] guarantee the welfare and security of their clients, as well as their personal information. Even if they upgrade their services, evil spirits will also be bold enough to cover up their theft. The banking industry must also have a mechanism to immediately address the grievances or complaints of their customers.” 

The National Cyber Security Centre (NCSC) of the Vietnam Authority of Information Security has announced the top outstanding cybersecurity events in 2020. According to a press release, even though the country had to cope with the COVID-19 pandemic, it still fulfilled the tasks of its ASEAN 2020 chairmanship well. The country successfully organised a series of unprecedented online events at international and regional stature, including tens of events as the ASEAN Chair, and the 37th ASEAN Summit, the 41st General Assembly of the ASEAN Inter-Parliamentary Assembly (AIPA-41), and ITU Digital World 2020.

The great success of the events was partially created by cybersecurity experts from the Ministry of Information and Communications (MIC), Ministry of Public Security, Ministry of National Defence, and firms providing services.

All ministries, branches, localities deployed SOC with NCSC connections

The fact that all government organisations have implemented the Security Operation Centre (SOC) and have technical connections with the National Counterintelligence and Security Centre (NCSC) show progress in information security at agencies and units when deploying the four-layer model as instructed by the government, the release noted. SOC allows agencies to take the initiative in ensuring cybersecurity.

Scanning, handling of malware campaign applied in entire the Vietnamese cyberspace

The campaign was deployed by NCSC in cooperation with businesses of the Alliance for malware prevention and handling of cyberattacks and international businesses.

Carried out via the portal from September to December, the campaign was implemented concurrently in all provinces and cities from local to central levels. The campaign achieved the goal of reducing 50% of malware infections and reducing Vietnam’s IP addresses in botnet networks by half.

WhiteHat Grand Prix 06

Several national and international cybersecurity competitions were organised, including WhiteHat Grand Prix 06 and the ASEAN student contest on information security. The competitions have contributed to promoting and developing cybersecurity human resources in Vietnam. Most of the competitions were sponsored by MIC.

Vietnam announced requirements on technical specifications for terminals, base stations, and 5G network service quality.

The popularity of 5G technology will create far-reaching breakthroughs on the scale and speed of information. Vietnam is speeding up the commercialisation of 5G mobile network. MIC has determined that cybersecurity is an essential factor when implementing 5G. A legal framework for 5G cybersecurity was established, including decisions issued in September.

‘Make in Vietnam’ cybersecurity products accounted for 90%

In 2015, Vietnam-made cybersecurity products accounted for only 5%, while the figure rose to 55% in 2019. In 2020, Vietnam operated more than 90% of the ecosystem of cybersecurity products serving the Party, state agencies, and public.

DF Cyber Defense 2020

NCSC and the IEC Group organised Banking Tech 2020. The highlight of the event was DF Cyber Defense, the drill for mock cyberattacks. 30 businesses and organisations in the fields of finance (banking, insurance, and securities) participated.

Government measures to prevent spam

Decree 91 on preventing and fighting spam SMS, messages, and calls was released in August. Many measures were taken to implement the decree. Mobile network operators ran systems to prevent and filter spam messages. The government handled subscribers delivering spam calls and discovered and blocked fake calls.

Online phishing prevention  

Online phishing cases rose in 2020 as countries were affected by the COVID-19 pandemic and were required to communicate online. This led to an increase in scams, especially via telecom and social networks.

APT attacks targeted popular software products

A wide range of popular products, software, and applications had critical vulnerabilities. Hackers took advantage and launched various cyberattacks. Vietnam discovered and prevented a series of intentional offensive campaigns.

members of the public.

The Telecommunications Association of Thailand (TCT) launched a centre to coordinate efforts to combat cyber threats in the telecom industry and to serve as a venue for information-sharing about the issue on 14 December 2020.

The centre is called TTC-CERT, or Thailand Telecom Computer Emergency Response Team. Around THB18 million will be budgeted by the Broadcasting and Telecommunications Research and Development Fund to the centre over the next three years.

The TCT plans to build a centralised data-sharing platform next August, which will serve as the main channel for its members to notify and get updates on cyberthreats as well as exchange related information with members of the public.

The President of TCT stated that TTC-CERT will also gather information about cyber threats from other organisations, including the Thailand Banking Sector Computer Emergency Response Team (TB-CERT) and Thai Capital Market CERT (TCM-CERT).

This will foster collaboration in all core sectors, which play a crucial part in the country’s digital economy.

TTC-CERT will also connect with the Thailand Computer Emergency Response Team (ThaiCert), which is operated by the Electronic Transactions Development Agency (ETDA).

The establishment of the TTC-CERT follows a memorandum of understanding (MoU) signed between nine members of TCT for cooperation. The TTC-CERT will work on data exchange, a warning system and training activities, not only for TCT members but also around 1,000 companies in telecom and ICT-related fields.

While big enterprises in the telecom business sector, especially mobile operators, have strong measures and technical support in place in dealing with cyber threats, the threats are increasingly sophisticated. Cyberthreats include D-Dos, malware and ransomware, which could wreak havoc on digital platforms as well as telecom infrastructure.

The telecom is not just a business sector, but a fundamental infrastructure or foundation of communication for every sector, he said.

The Director of TTC-CERT stated that the centre has two staff responsible for routine work and coordination with members. They must work to ensure optimum benefits for all members and keep information secure, he said. TTC-CERT has to build trust among members.

Thailand government is proactive on cybersecurity

A recent report noted that the rise of cyberthreats is setting off alarm bells among state and local governments, forcing them to pay attention to the problem and invest in cybersecurity measures, the Thailand unit of the US cybersecurity firm said.

The Senior Manager for systems engineering at the local unit that state and local governments are seen moving towards investment in cybersecurity measures due to the rise of attacks and they are among attackers’ top targets.

According to the “2020 Verizon Data Breach Investigations Report”, ransomware is the most common cyber threat for the public administration sector in the US, with 61% of ransomware attacks being malware cases.

In Thailand, a public hospital was hit by hackers in September in a data ransom situation.

The increasing use of multi-cloud, Internet of Things (IoT) and Software as a Service (SaaS) also bring further exposure to security threats. Government agencies must work to comply with the Cybersecurity Act to ensure cyber protections in connection with security operation centres, access control as well as email and application security

Australia will host a one-of-kind summit on emerging, critical and cyber technologies next year, a statement from the country’s Foreign Minister. It was noted that the Australian Government is supporting the establishment of the Sydney Dialogue, which will be held for the first time virtually in the second half of 2021.

While significant international conferences and dialogues exist for traditional areas of security and economics, there is currently a gap for political leaders, industry experts, academics and civil society representatives to meet and discuss the most pressing issues around cyber and critical technology. This annual, high-level dialogue will fill that gap, the Minister’s statement said.

The Sydney Dialogue will be hosted by the Australian Strategic Policy Institute, a Canberra think tank, which will receive AU$1.5 million (US$1.1 million) from the government for the purpose.

The statement also highlighted the importance of India for Australia, which seeks to emerge as a tech leader in the Indo-Pacific. The statement noted that while the Dialogue will take a global perspective, it will have a particular focus on the Indo-Pacific, and next year’s inaugural meeting will have India as a core topic.

Both countries have signed a number of agreements in the past few months around emerging tech cooperation including an Australia-India Framework Arrangement on Cyber and Cyber Enabled Critical Technologies Cooperation. Australia has also committed to funding a Quad Tech Initiative, a Track II mechanism involving key think tanks in all four countries.

On 14 October 2020, ASPI and the Observer Research Foundation, a New Delhi think tank that will represent India in the Quad Tech Initiative, released a report outlining 14 recommendations around greater Australia-India tech cooperation.

One report noted that by wisely focusing on civilian tech cooperation – albeit ones with significant strategic import and dual-use benefits – thorny questions around export control that would present themselves were the report to focus solely on military and defence tech cooperation are bypassed.

India has also sought to place itself as an emerging tech leader in the Indo-Pacific. In January this year, the Indian Ministry of External Affairs created a new New, Emerging, and Strategic Technologies Division within the ministry. The MEA and Carnegie India, a think tank affiliated with the Carnegie Endowment for International Peace, also hosts an annual conference on technology and geopolitics; its latest edition took place virtually earlier this month.

The Indian External Affairs Minister noted that technology is political. Today, it is very much a core part of diplomacy. It is something which every foreign ministry is going to be focused on in many ways in a very central way.

The Indian Minister also remarked on recognition on the part of the Indian foreign ministry to understand the strategic implications of new technologies and norms and regimes around them.

The Australian Government is particularly committed to strengthening understanding of cyber and critical technology issues in the Indo-Pacific region, to ensure they promote and enable a safe, secure and prosperous region, the Australian Minister’s statement launching the Sydney Dialogue noted.

The Quad Tech Network will support universities and think tanks in Australia (the National Security College at the Australian National University), the United States (Center for a New American Security), Japan (National Graduate Institute for Policy Studies) and India (Observer Research Foundation), to develop research and recommendations on the shared challenges facing Australia and Indo-Pacific partners in the cyber and technology environment. These research papers will be published in late 2020 and early 2021.

The Viettel Cyber Security Company (VSC), a subsidiary of the Viettel Military Industry and Telecoms Group has become a member of the Anti-Phishing Working Group (APWG).

According to a news report, the membership is a new step for the company in connecting and sharing network security knowledge and early warnings, to help prevent the threat of cyberattacks on a global scale. As a member, the VSC now has access to international-level information on cybersecurity risks to promptly develop suitable action plans. Established in 2003, the APWG is an industry association focused on unifying the global response to cybercrimes. There are more than 2,000 enterprises worldwide participating in the group.

The VSC’s Make-in-Vietnam Threat Intelligence technology, meanwhile, has become the first Vietnamese product selected to be part of the APWG’s network. Launched in October, the platform is a modern network security solution focusing on gathering and analysing information on current cyber-attacks and potential threats to organisations’ and businesses’ assets, reputation, and safety. Equipped with data from internal studies conducted by leading Viettel experts, it is being applied in the services of Viettel and a number of banks in Vietnam.

Vietnam’s Internet economy could witness a 29% growth over the next five years. The central pillar supporting this trend is a digital ecosystem of firms and consumers. Firms that provide IT services to businesses will be key to a successful digital transformation in Vietnam and the digital transformation in turn will create opportunities in IT-enabled services and Industry 4.0.

For instance, the cloud services market in Vietnam is projected to grow to US$291 million by 2024, a five-year compound annual growth rate (CAGR) of above 10%. With Vietnam being one of the largest targets for cyberattacks in the world, enhancing information safety is a crucial issue the country needs to address as it aims for complete digital transformation.

It is also necessary to build a capable workforce specialised in cybersecurity, the Minister of Information and Communication (MIC) Nguyen Manh Hung said during the annual International Conference and Exhibition Vietnam Information Security Day.

Vietnam’s digital economy is expected to reach US$14 billion, a year-on-year increase of 16%, and will likely reach US$52 billion in 2025, re-accelerating to nearly 29% in CAGR, a media report has noted.

This rapid growth is underpinned by a broader digital transformation in the country. Vietnam’s National Programme for Digital Transformation is aimed at ensuring more than 80% of households have access to fibre-optic infrastructure by 2030. The program also entails that the digital economy forms 10% of every sector, which could result in annual productivity increases of 7%.

As OpenGov Asia reported, the country must also continually update its technologies to protect the national cyberspace. Stimulating digital transformation has made Vietnam more vulnerable to cyber threats. More than 1.6 million cyberattacks over the first half of 2020 targeted small and medium-sized enterprises in Southeast Asia. Indonesia, Malaysia, and Vietnam experienced the largest number of attacks.

The rise in the attacks has skyrocketed since March when COVID-19 reached its first peak, and the entire country was social distancing. Cybercriminals took advantage of the chaos to perform non-technical attacks such as fraud via sending e-mails. By attaching COVID-19-related information to messages, the rate of clicking on attachments containing malware sharply increased from that time.

The World Bank has formally approved a multi-million dollar financial grant that would spur the digital transformation of the Philippines as the country continues to recover from the pandemic, improve competitiveness, and build resilience against shocks and natural disasters.

The World Bank’s Board of Executive Directors unveiled the granting of a US$ 600 million grant called Promoting Competitiveness and Enhancing Resilience to Natural Disasters Development Policy Loan that will be used to adopt a string of digital technologies in the country. 

The lender foresees that this undertaking will bring in more investments into the Philippines as new technology fosters improved competition and upscales ease of doing business. The project is intended to provide inclusive recovery by accelerating the development of digital infrastructure under the area of telecommunications. Through this project, the shift to digital transactions and an e-governance framework will be fast-tracked.  

The World Bank aims to help the government reduce trade and indemnity costs as it makes the transition to an e-governance framework. Another goal is to assist the Philippine government in cutting back on the costs of doing business. The result, the World Bank explained, is an economic recovery on the back of job creation. The financial grant is also anticipated to help Micro, Small and Medium Enterprises (MSMEs) to “bounce back” after sustaining a heavy beating during the pandemic. 

The funding can also be used to improve the delivery of social assistance to disadvantaged members of the population while enhancing health and safety protocols as the country continues its battle to stem the spread of the deadly COVID-19 virus. 

Ndiamé Diop, World Bank Country Director for Brunei, Malaysia, The Philippines and Thailand, said: “Reforms to improve digital infrastructure and speed up adoption of digital technologies will not only help the country’s efforts to recover from the impacts of the pandemic but will also boost its export competitiveness that is vital for creating more and better jobs in the future”. 

The Country Director added that the World Bank is likewise intent on helping the Philippine government streamline its adoption of a national ID system which it describes as a fundamental reform to enhance existing social programmes and to protect vulnerable groups during natural disasters.  

The World Bank loan will further sustain the Philippine government’s momentum as it adopts new technologies to shore up government transactions especially during the pandemic. OpenGov Asia has previously reported that the country is modernising its tourism sector by launching applications that can enhance its safety protocols. 

Helping address poverty 

In the same statement, the World Bank mentioned that aside from the loan for digital infrastructure, it is also extending a US$300 million Additional Financing for KALAHI-CIDSS National Community Driven Development Project (KC-NCDDP) to help the government alleviate poverty, particularly in rural areas.  The funding is to be used in improving community response initiatives and basic social services intended for municipalities deemed most affected by the impacts of the pandemic. 

The KC-NCDDP is set to be implemented by the Department of Social Welfare and Development (DSWD) and the Department of the Interior and Local Government.  Currently, the DSWD has a roster of community projects including the provision of basic facilities like access roads and reliable water systems in local communities which have limited internal revenue allotments and those which are not easily accessible because of geographic isolation. 

The Country Director noted, “Community-driven development approaches have shown to be effective in accelerating community reconstruction following disaster events and efficiently putting money for priority needs of communities around the world”. 

The World Bank is one of the world’s sources of funding. Aside from the Philippines, the lender has collaborated with several developing countries and is set to grant as much as US$160 billion until June 2021 to more than 100 countries to help support businesses and boost economic activity. It is also allotting US$12 billion for the purchase of COVID-19 vaccines. 

OpenGovLive! Virtual Breakfast Insight

Are your Business Operations Resilient Enough? – Thriving in VUCA World