As the world continues to navigate the waters of the new normal, unprecedented accelerated digital transformation continues to be the need of the hour. However, as organisations increasingly migrate to virtual operations and transactions, there is an urgent need to protect against potential breaches and cyber intrusions. Cybersecurity threats are indeed on the rise. Ransomware and cyber incidents have multiplied, adding to the already complex crisis management morass for many organisations. Executives are now looking for the best and most sustainable critical event management strategy, while also saving time and cost.
In recent months, cybersecurity has been inextricably embedded into operations frameworks of organisations, in both the government and the private sector. Reports showed that companies’ budgets for these systems have spiked by more than 50% and towards the end of 2020, these security solutions were anticipated to form as much as half of the overall funding. Despite this, several agencies are uncertain as to how to adapt these tools and solutions. In the absence of adequate precaution, planning and programmes, many organisations are left stranded and exposed when hit by an unexpected critical event.
Such eventualities can be addressed by setting up a robust critical event management programme (CEM). This was the essence of the OpenGovLive! Virtual Breakfast Insight: Strengthening Cybersecurity and Emergency Preparedness: Enhancing Readiness, Response and Recovery.
On the 21 January, OpenGov Asia, in collaboration with Everbridge, hosted the OpenGov Live! Virtual Breakfast Insight for senior digital executives from both the public and the private sectors in the Philippines. The event focussed on establishing strong cyber resilience in organisations with effective risk management tools to be fully prepared for managing crises and cyber risks.
The role of critical event management in upgrading work systems
Mohit Sagar, OpenGov Asia’s Group Managing Director and Editor-in-Chief, opened the session with a short introduction of the participants and the topic. He highlighted the importance of having a reliable incident management programme to ward off potential data security risks.
The current scenario in many organisations in both the public and private sectors is a delicate balancing act. He painted a picture of a group of ballerinas in a difficult balancing pose. Like these ballerinas, organisations have to balance technology, customers, employees, regulations and stakeholders in the precarious new normal. If any one of these components fail or shift, the whole construction can crash.
This tightrope act works well when everything is in equilibrium. However, an imbalance, misstep or unmanaged tension can have catastrophic results.
Reflecting on how the world responded to the pandemic, Mohit then questioned the readiness of the organisations in dealing with cyber risks and their continuity plans. Lacunae were painfully evident last year with the onset of the COVID-19 pandemic. Technology did help manage the pandemic in terms of being able to work from home but was only a temporary solution.
Prior to the pandemic, the need to consider the impact of potentially critical events was more of a theoretical pursuit and organisations plodded along with traditional plans in place. However, when the crisis hit, organisations were floundering, ill-prepared for such a massive disruption. Significant changes were urgently required to just stay afloat.
Many organisations were able to turn things around and somewhat mitigate the impact of the pandemic. But the fact is, not all organisations were able to come out unscathed, and the reality is that there is still a lot to be done to upgrade work systems and processes to accommodate the new normal.
The solution, Mohit said, is not to hope for an auspicious year to get through 2021, but to learn from past mistakes. There is a need to find out what went wrong, develop a better understanding of organisational cyber risks and determine to set a robust resilience plan in place. From this, organisations can incorporate changes in their operation models, retrain employees and most importantly, invest in strategic tools like a critical event management system.
Technology is at our fingertips and it proved to be the saving grace last year. But resilience must not be equated with being able to keep the business running through remote methods.
Mohit emphasised that putting up event management systems must not be shouldered by organisation management alone. Operational resilience is tied to effective communication that is well-received on both ends – employers and employees, management and staff. To do this, ensuring seamless communication is key and becomes crucial in crises. It may come at a price, but in the end, it must be done.
According to Mohit, creating an operational resilience plan is not an easy task. It relies heavily on cybersecurity expertise and professional critical event management systems. Therefore, it is expedient for agencies to work with the right partners to ensure that they have the best strategy in managing upcoming cyber risks.
Setting up an adaptive event management programme suited for each organisation
Sonia Arista, Vice President and Chief Information Security Officer at Everbridge, furthered the discussion after Mohit. She briefly shared her background in information security management and introduced Everbridge.
Everbridge is a global critical events management company that strives to keep businesses running continuously through any events that affect the workforce and supply chain, such as IT disruptions, and to maintain visibility and communications between employees and leaders on events that might affect the business.
Working in information security program management means that half of the time, Sonia needs to oversee product development as well as operational areas. The other half of the time, she is responsible for maintaining the security of Everbridge’s employees’ information and environments and maintaining a standard of security.
This can be challenging for several reasons. First, full visibility in the context of what is happening is difficult to achieve. Second, determining the level of severity of the events and the parties is not straightforward. Thirdly, how to notify relevant people, what messaging is needed, it is a one-way communication or is feedback required can make response complicated.
In short, identifying the appropriate response plan to the event and putting it into action is the name of the game. She also felt that assessment post-crisis is important to determine areas of improvement and potentially developing guidelines for other members in the industry.
To address this, there must be an adaptive critical event management programme integrated within operations models. However, Sonia was quick to acknowledge that deploying a CEM programme is no walk in the park. None the less, the rationale is that the more time spent to impact-proof operations, assets and people the better the resilience during critical events.
Sonia went on to explain her take on simplifying and unifying critical event management. To streamline the whole process, Everbridge views 4 factors to be at the core:
- Assessing an incident
- Locating what is happening, identify stakeholders and assets impacted
- Acting and responding to the event – inform, notify, rally, collaborate, mitigate, fix, and recover.
- Analysing the performance on the course of the incident, and to offer possible improvements on the processes
According to Sonia, there are instances where organisations need to manage multiple crises. Events can happen in tandem and are often caused by multiple factors such as supply chain disruption, disease outbreaks, severe weather, etc. All of these elements together contribute information to the events, and by applying the four core factors mentioned above, an organisation can fully mitigate and resolved any event.
Different business models will have different focus areas and critical event management takes different forms for organisations across various sectors. For example, companies with multiple factories will want to focus on physical access control to maintain standards in their facility, weather services for health systems to predict patient influx caused by natural disasters and threat intel engines in cybersecurity. She underscored this point by showing a list of partners that collaborated with systems such as Everbridge to bring comprehensive intel and context in remediation planning.
Sonia summarised her presentation by acknowledging that there are various programmes that an organisation can utilise. It all depends on which key areas that a specific agency would want to focus on so that the proper critical incident management can be deployed.
Enhancing cybersecurity measures through critical events management
Following Sonia’s presentation, Charlotte Wood, Director of Policy and Awareness of Cybersecurity at New South Wales Government shared her experience with the participants. Her department is responsible for setting standards and providing leadership in cybersecurity and affects all 120 entities in the NSW Government that consist of approximately 400,000 employees.
According to Charlotte, there are 3 pillars of cybersecurity: 1) Confidentiality of digital information held, 2) Availability of the information accessed digitally by people whenever it’s needed and 3) Maintaining the integrity of the digital system and services – data must not be modified improperly, whether maliciously or accidentally
Charlotte explained that the initial question to be answered is: what is an agency trying to protect when integrating cybersecurity measures. As with most, if not all workplaces, protecting the confidentiality of data is paramount, as well as keeping such information intact and readily available. In and of themselves, these two components are not sufficient. There must be workplace safeguards to ensure the integrity of data and that malicious activities do not compromise it.
One way to balance these three key components is by applying a risk-based approach and the NSW Government uses this methodology. With their standard, they address the level of risk in 3 main areas: 1) Technology and Infrastructure – in protecting their digital system and services, 2) Procession and Organisation – the standards set and 3) People and Culture – the employees’ understanding of cybersecurity
However, more critical than these 3 areas is the risk and impact of the events to the people of NSW. The risk level dictates how they prepare for the attacks, and how they prioritise the different attacks. The risk-based approach has allowed the NSW government to have a standard framework that will work in different agencies with different needs.
Mitigating the impact of critical events does not end with a cyber risk approach. It is a holistic process that improves on key aspects of the workforce including retraining employees. She added that while the notion that cyber threats can be prevented is a myth, agencies can mitigate impacts by training people and by putting up a solid cybersecurity framework.
Charlotte concluded her talk by reiterating that investment in a cybersecurity programme is a continuous cycle. As data breaches become more sophisticated, systems must be improved and defences against these threats must be fortified. Organisations can do this through prevention and simulation of potential threats.
After the engaging discussion by the speakers, participants participated in polling questions and discussions regarding their risk management and cybersecurity protocols, as well as the challenges that they see in this area.
When asked about their key concerns around cybersecurity in their organisations, nearly half (49%) of the attendees voted for employee education in IT security.
A delegate from the Department of Energy said that educating employees is one of the major hurdles that his agency is experiencing. The reason is that most employees fail to grasp the importance of cybersecurity and because of this, the responsibility is left in the hands of IT professionals.
An executive from the Department of National Defense shared the same sentiment. She noted that with their current remote work programme, educating employees and enforcing security policies has become more difficult.
When it comes to measuring the effectiveness of cybersecurity architecture, two thirds (66%) of the participants said that they do this by looking at the ability of the organisation to respond effectively to impending cyber threats. Data protection, threats response and effective mitigation are their main measurements.
Interestingly, 20% of the participants stated they did not have any measurement and wanted to learn from the others. One participant from the government said they are interested to find ways to measure this area in their cybersecurity policies.
The third question was on how the participants rate the level of preparedness of their organisation to cyber threats. Few were unsure and some admitted that they are not well prepared. 45% of the participants felt that they are prepared but they have doubts if it can withstand infiltration.
The fourth question asked the participants on their biggest challenge for accelerating their response to IT incidents, a large portion, mostly government officials, voted it to be the lack of skilled Cybersecurity or IT professionals. They experienced budget constraints and felt policies in hiring these professionals were difficult to follow.
For well over half of the delegates (60%), the lack of skilled Cybersecurity/ IT Professionals is the biggest challenge they see in boosting their cybersecurity protocols. Others felt information overload and alert fatigue to be challenging since IT incidents involved not only cybersecurity but also operations.
The last question was on how participants’ security operations are currently driven. For the most part, delegates said they were compliance and incident driven but now realise the importance of risk-based or intelligence-driven parameters and were working towards it.
The session came to a close with Sonia stressing the need to establish a critical incident management programme in order to ramp up cybersecurity in the overall organisational framework.
She re-emphasised how different elements contribute to an incident and that it is important to look beyond the confines of technology. Keep educating and spreading awareness, pick up intelligence from suppliers and partners that are helpful for the organisation in responding rapidly to events in an automated consistent fashion.
Sonia thanked the participants for their wonderful insights and contributions and encouraged them to reach out to her team and her on their CEM journey.
The Philippine Social Security System (SSS) adds more features to its online services portfolio as it steps up efforts to digitalise member and employer transactions.
SSS President and CEO said the initiative aims to address the need to bring SSS services within reach of its members, pensioners, covered employers, and the public because of social distancing and health requirements imposed by the government to stop the spread of the COVID-19. For the past years, the agency has been gradually shifting its stakeholders’ mode of transactions from face-to-face to online. The pandemic motivated them to track their digital transformation initiatives faster, not only to provide stakeholders with more convenient and more efficient means of transactions but also to ensure their safety.
Services in the My.SSS Portal now includes online applications for Calamity Loan, Pension Loan, Retirement Benefit (subject to qualifying conditions for online filing), Unemployment Benefit, and Funeral Claim; submission of Requests for Member Data Change for simple corrections for members; and submission of Sickness Benefit Reimbursement Application for employers.
The SSS has also introduced both members and employers to the Real-Time Processing of Loans Payment Reference Number (RTPL-PRN) facility, Benefit Re-disbursement Module, and improved Disbursement Account Enrolment Module (DAEM) with uploading of proof of account, previously known as the Bank Enrolment Module.
Moreover, the SSS enhanced the online SS Number Application facility and has provided members with access to the Remittance Transfer Company/Cash Pay-out Outlet (RTC/CPO) Reference Number Inquiry.
Aside from the new and improved online services, members also have access to other virtual services, including viewing their contribution and loan records; and inquiring on the status of their benefits claims and eligibility for benefits programmes, among others. These may be accessed using the My.SSS Portal as well as the SSS Mobile App, Text-SSS, and Self-Service Express Terminals.
By using the My.SSS Portal, members can also make an appointment with an SSS branch, send a request for SSS records, enrol in the Personal Equity and Savings Option (PESO) Fund or Flexi-fund, use a simulated retirement calculator, and view details of their Unified Multi-Purpose Identification (UMID) Card or SSS ID, as well as change their account password. With the SSS Mobile App, they can also pay contributions using a third-party e-payment provider or a partner bank.
Since last year, the SSS is building up its information cache on how to use its online services through webinars and other social media content. For more in-depth discussions on these services, companies and organisations may request SSS to conduct free online seminars for employees and members. SSS reiterated that with the continuous digitalisation of procedures, there is a need for stakeholders to familiarise themselves on how to use the agency’s online facilities. They encourage them to join the webinars and monitor posts on social media.
The agency reported that the pandemic combined with their digitalisation efforts to mitigate the impact has resulted in a surge in SSS electronic transactions. The agency said that transactions through the SSS’s electronic channels accounted for 75% of the total in 2020, up from 35% in the previous year. Manual transactions, in turn, dropped from 65% of the total in 2019 to just 25% last year. The agency also registered 11.14 times jump in the download of its mobile app last year from the 3.12 million downloads as of end-December 2019.
Meanwhile, lawmakers in the country have urged the SSS and other agencies to continue to invest more aggressively in boosting their “computing capacities” so that they can deliver superior services to the public over the digital space. Agencies should continue to improve and expand their transactions so that their respective members can conveniently do them online.
With COVID-19 still showing no signs of slowing down, the Philippine government continues to look for ways to improve its overall digital make-up for the benefit of its citizens and other governing agencies. One of which is opening areas in the country to allow movement of people to aid its economic recovery while also placing necessary measures to help contact-tracing protocols.
Accordingly, the country’s Inter-Agency Task Force (IATF) for the Management of Emerging Infectious Diseases has adopted the Safe, Swift, and Smart Passage (S-PaSS) Travel Management System developed by the Department of Science and Technology (DOST) and will now be institutionalised as the one-stop-shop app for travellers. This is considering the approval by the IATF of the uniform travel protocols for all local government units (LGUs).
The StaySafe.ph app, meanwhile, will be utilised as the primary contact tracing system by the Government. Other existing contact tracing applications will also be integrated with the StaySafe.ph system. The S-PaSS, developed by DOST VI initially as a travel management system, was primarily intended to make a hassle-free journey for Locally Stranded Individuals (LSIs), Returning Overseas Filipinos (ROFs), Emergency Travelers (ETS), and other travellers during this pandemic.
The S-PaSS is also meant to benefit not only the travellers but also the authorities to properly monitor the movement of people in different locations in the effort to prevent the spread of the virus. With the app, travellers can apply for Travel Authority (TA) online before visiting their local police station where the QR Code can be used to view one’s TA, as well as register at designated monitoring locations and track one’s travel history.
For the Philippine National Police (PNP), the tool can integrate the process of issuing a Travel Authority to quickly generate real-time reports. Likewise, in the case of other LGUs and monitoring agencies, the system will allow real-time monitoring of incoming travellers and provide convenient tracking of travellers by setting up designated monitoring locations and likewise quickly generate real-time reports. The system has a local mobility feature that replaces the use of pen-and-paper or logbooks. It can also be used to document and monitor border crossings in LGUs.
The travellers will be monitored by scanning their unique S-PaSS QR Code every time they visit an establishment and office. The system will then automatically record information on its ELogBook for recording and monitoring purposes.
Moreover, rapid adoption of digital technologies can help the Philippines overcome the impact of the Covid-19 pandemic, recover from the crisis, and achieve its vision of becoming a middle-class society free of poverty, according to the report released by the World Bank and the National Economic and Development Authority (NEDA).
The report stated that this pandemic has caused substantial disruptions in the domestic economy as community restrictions have limited the movement of people and reduced business operations nationwide. As we are now living with the new normal, the use of digital technology and digital transformation has become important for Filipinos in coping with the present crisis, moving towards economic recovery, and getting back on track towards the nation’s long-term aspirations.
Likewise, as reported by OpenGov Asia, the COVID-19 pandemic has forced several governments to re-examine the way they do things, how they interact with their citizens and how they keep their country functioning in these unprecedented times. Digital solutions in areas such as government services, education, the media, communication systems, and the economy have allowed some form of continuity in day-to-day life during a lockdown.
Although most Governments throughout South-East Asia are gradually moving towards complete digitalisation, they are all at very different stages of their digital transformation journey. It is also likely that Governments of the future will increase spending on digital infrastructure, adopt data-driven approaches in response to economic recovery, and leverage technology solutions to implement COVID-19 strategies.
Accidents happen anytime and anywhere but the road is among the most common places where they happen. The Philippine Department of Health (DOH) tags road accidents as one of the leading causes of death among children, overpowering other deadly diseases, including dengue. In fact, in Metro Manila alone, about two children die daily due to road accidents. Considering these facts, a local tech start-up has unveiled an app meant to improve the skills of drivers in the Philippines, particularly truck drivers, to help avoid future accidents.
The tech initiative is a collaboration of a logistics firm, the Technological Institute of the Philippines (TIP) and the Department of Science and Technology (DOST). The app was formally launched in the country although some of its features are still a work in progress. Developers say that the app features monitoring tools to analyse the behaviour of drivers on the road. The data can then be analysed to recommend changes or suggestions for drivers or companies.
The tech developer also said that the app uses AI technology and data analytics intended to improve driving. Recommendations are given out the data analytics to indicate if a driver is fit to drive or not. In a nutshell, the tech collates data from the behaviour of a truck driver on the road. An Internet-of-things (IoT) device is installed inside a truck to obtain the data.
Moreover, they added that learning modules provided in the app are also available for licenced drivers. A mobile version of the app is already up and running where the learning modules can be accessed. Soon, the app will have “gamification” features, allowing for the simulation of driving and road conditions. IoT devices are also being currently designed for more vehicles, as the positioning of the device will be critical.
The company and the Government said that the app is essential and will help the country’s problems on the road, noting that fatalities on road accidents are mostly caused by trucks, and the country also suffers from a shortage of professional truck drivers. Only a few percent of truck drivers in the country are professionally trained and that there is a shortage of skills among these truck drivers.
DOST undersecretary for research said the project, which is under the auspices of the department through the Philippine Council for Industry, Energy and Emerging Technology Research and Development (PCCIERD), is a good way of using science and technology to solve the country’s problems, particularly during these challenging times where COVID-19 is still present.
PCCIERD Director also said that the TIP and DOST are now in talks with other government agencies, which earlier expressed interest in the driver monitoring app. The Government also made sure that the developers are being funded and supported by the DOST and PCCIERD. Funding for the app is reportedly a little over PHP4 million.
Accordingly, the Government has committed to give local start-ups the benefits and incentives provided under the recently signed Republic Act 11337 or the Innovative Start-up Act. The law aims to help start-ups and start-up enablers by providing incentives like travel grants, access to a Start-up Venture Fund, and assistance in getting visas and business permits.
Aside from the Department of Trade and Industry (DTI), the DOST, the Department of Information and Communications Technology (DICT) are the host agencies to implement the Philippine Start-up Development Program, composed of programs, benefits, and incentives for the start-up community.
The Government added that this coronavirus pandemic has shown that with limited human interaction and cities in lockdown, many businesses ground to a halt. Without sufficient technology and automation in place, high-touch human operations became paralysed. As the world recovers, it would require a reimagination of human and business processes to future-proof against the next crisis.
With the COVID-19 pandemic still making its rounds in the country, companies believe that a ‘hybrid’ workplace will be the new normal for Philippine companies, as the global crisis continues. This hybrid arrangement – where employees are expected to spend time working from home and time working in the office – is just one of the trends that companies should brace for using technology considering the massive changes that the pandemic has brought.
A tech firm’s technology lead executive for data and AI in the Philippines said while geopolitical news and trends dominated 2019, the year 2020 brought in COVID-19 which basically “changed everything” on a truly global scale. A hybrid workplace means most people will not be working at home permanently but at the same time, not everybody will be in the office. He reiterated that there is no going back to the old ways where people are expected to spend their whole time at the office.
Companies would then need to find the right balance. A hybrid workplace also means work will no longer be location and time-dependent. Organisations will be forced to adapt or be left behind. COVID-19 has been likened to a “fast-forward” switch that has compelled global companies to radically change. Technology, now more than ever, will be at the forefront of the changes. Unlike before where technology played a mostly supporting role for businesses, it is now “the star” of the show and without it, companies cannot do business.
Before the pandemic, companies who were aggressive with their technology rollouts outpaced technology laggards by twice over. During the pandemic, the trend has significantly changed, and these tech leaders now outpace their lagging counterparts by five times. From small to medium-sized enterprises or SMEs to larger enterprises, the first step to adapt is to get started. This is relevant for the Philippines where more than 90% of companies are small-mid size businesses (SMBs). The key is to choose the right technology for a company’s specific needs. Starting small and leveraging technology to the organisation’s advantage is essential when creating a plan as there is no one-size-fits-all solution.
A tech giant released a study, which revealed companies that invest in technology such as the ones needed for “hybrid” workplaces, grow more than twice in revenue compared to slow-adopting competitors. As the company’s largest enterprise IT survey, the study covered both the pre-existing and emerging technologies that include Artificial Intelligence (AI), blockchain, and even Extended Reality. The study says that the world’s leading companies are investing in boundaryless, adaptable, and radically human systems to maximise innovation, business performance, and value. While there is no fixed endpoint in the race to success, these attributes yield competitive advantages and help close the innovation achievement gap.
As reported earlier by OpenGov Asia, the country’s Bureau of Work Conditions (BWC) spearheaded the information drive on various styles of flexible working arrangements that could be beneficial to employers and employees. This was essential as most working-class citizens have been eagerly awaiting notice of changes or announcements coming from the authoritative body.
It is the responsibility of employers to promote work-life balance, especially in these trying times through proper scheduling of activities and a justifiable rotation of the workforce. Safety officers are key in this aspect. The officers must cater to expectations of a safe workplace and ensure that the spaces are compliant with the Occupational Safety and Health Law that has a special focus on physical and mental resilience. Physical and mental resilience involves employers providing psychosocial support for their workforce especially of those showing mental and health concerns. The National Centre for Mental Health Crisis aids any employees with such issues.
The Philippines Railways Institute (PRI) will undergo digital transformation to further adapt to the demands of the new normal brought by COVID-19. The PRI is a rail transportation research and training centre that deals with research and development on the management, operation, and maintenance of railways and training of personnel in the rail transportation industry in the country.
In a statement, the Department of Transportation (DOTr) undersecretary and the PRI officer-in-charge, stressed that the PRI is now able to provide remote learning sustainably during this pandemic. She said that the agency is now part of a growing number of institutes and organisations that have adopted this kind of learning platform in the country.
Existing railway personnel and maintenance staff can now access self-paced training courses through an online learning platform launched by the PRI with the help of a PHP307-million grant from the Japan International Cooperation Agency (JICA).
PRI’s learning management system (LMS) is an online learning platform that allows self-paced learning, while still encouraging the trainees’ participation through facilitated contact sessions. Further, the LMS gives PRI instructors and railway trainees an academic and scalable digital learning environment alongside the existing video platform being used by the Institute. It is also mobile-friendly, which allows trainees and instructors seamless access to learning materials anytime and anywhere.
The PRI has recently conducted the first LMS-delivered refresher training course, with 30 railway personnel and 15 graduating college students as participants. The PRI noted that the pandemic disruption has accelerated technological trends in the fields of learning and education. Instructional methodologies are evolving with the adoption of innovations to address limitations set by health and safety protocols to prevent the further spread of the virus.
Before the strict community quarantine was imposed due to the pandemic, the PRI was conducting the Refresher Training Course (RT) face-to-face with a total of six batches of trainees completing the course. Since then, the learning institute shifted to the Web Refresher Training Course (WRT), an online course conducted through the Zoom platform, with 15 batches completing it.
The PRI also expanded the scope of its WRT to include graduating college students with a railways-relevant background and returning overseas Filipino workers (OFWs) with railway operation and maintenance experience.
As reported by OpenGov Asia, the country’s “Full Digital Transformation Act of 2020” mandates all government agencies, government-owned and controlled corporations (GOCCs), instrumentalities and Local Government Units (LGUs) to adopt a digital plan that aligns with the Philippine Digital Transformation Strategy 2022.
The bill of full digitalisation of government services promotes a zero-contact policy and facilitates ease of procedures. All of this is meant to streamline government services under Republic Act No. 11032 or the Ease of Doing Business and Efficient Government Service Delivery Act of 2018, Republic Act No. 11234, the Energy Virtual One-Stop Shop Act and other applicable laws.
The Government reiterated that digitalisation is no longer just another trend, but it is the way the world is heading to, the rationale emphasised by lawmakers in the country. They added that full digitalisation is in the nation’s vision two years from now, and this transformation can be achieved through business and wireless networks, resulting in higher efficiency and lower costs.
At the same time, the rapid adoption of digital technologies can help the country overcome the impact of the Covid-19 pandemic, recover from the crisis, and achieve its vision of becoming a middle-class society free of poverty, according to the report released by the World Bank and the National Economic and Development Authority (NEDA).
The Philippines has been recognised for its best practices in adopting cloud services even though government agencies supposedly have a long way to go towards fully implementing its use in the delivery of services. Cloud technology is an on-demand availability of computer system resources, data storage and computing power, without direct active management by the user. This importance of cloud tech is magnified by companies implementing work-from-home arrangement, and other efforts in digital transformation to cope with the new normal brought by the COVID-19 pandemic.
Considering this, an international collaboration platform formally launched its cloud-based software in the country. Founded in 2012, the cloud developers said the platform enables local businesses, whether small or large scale, to build and create custom dashboards, allowing teams to work together and oversee various operations — from project management, HR, CRM and Sales, and IT — all in one workspace.
The tech company was founded on the belief that transparency and collaboration create a culture of ownership and empowerment. They added that their products are visual, easy and intuitive making them ready to customise according to needs. With these in mind, users can easily communicate with everyone whether they are working from home, on the road or in the office.
Officials from the tech firm presented a virtual live demonstration to showcase how the platform can be set up in minutes and transform into a collaborative workspace that fits the needs of any organisation of various industries. Local businesses who are current users of the platform also shared their first-hand experience on how the cloud tech helped their teams and how it made flexibility and productivity possible despite team members working remotely.
For the users, with work-from-home parameters set, collaboration is the key to navigate in the age of COVID-19. Through the cloud, they believe that teams can efficiently work together from various locations. The cloud’s main features include the following:
- Flexibility — There are over 200+ ready-made templates to customise the platform for any workflow build custom work applications for any workflow
- Intuitiveness — All projects and tasks can be viewed with a single glance; has multiple dashboards for ease of use and updates
- Collaborative — Easy communication as files are centralised in one place
- Seamless — Any existing work tools can be easily integrated into the platform
Accordingly, as reported by OpenGov Asia, The Department of Information and Communications Technology (DICT) amended its Cloud First Policy to provide clearer instructions on policy coverage, data classification, and data security. It also covers policies on sovereignty, residency, and ownership as the government transitions to the ‘new normal’ amidst the COVID-19 pandemic.
DICT said that the Philippine government’s Cloud First Policy promotes cloud computing as the preferred technology for government administration and the delivery of government services. Shifting to cloud computing is expected to foster flexibility, security, and cost-efficiency among users. Cloud computing also offers key advantages such as access to global systems of solutions, innovations, and services, as well as up-to-date cybersecurity.
At the same time, an American tech giant said that the policy of the DICT is flexible and adaptive to the IT demands of government agencies. He advised the department to develop a classification policy that will ensure the security of data being handled by the public sector while at the same time upholding the right of the citizens to be informed of vital government transactions.
The tech giant further stated that the public sector should evaluate their cloud product based on its capability to provide high security, ensure the privacy of personal information, and guarantee technology reliability. Moreover, a good cloud product must be compliant with all regulations and must be aligned with the agencies’ duty of accountability and for agencies to be able to look at the technology that can support their societal goals and help improve environmental sustainability.
The role that technology plays in society is becoming an increasingly urgent topic of discussion today as the COVID-19 pandemic takes its toll. The advancements in technology are lightning-fast, which is evident as more and more data becomes available through cloud technology. As the digital landscape continues to evolve at a rate that seems to outpace our innate, online culture, organisations without sufficient digital foundation and cybersecurity measures are at risk.
Worldwide digital transformation and the paradigm shift to cloud tech is imperative and it continues to gather momentum with the pandemic accelerating the transition. This is a timely opportunity for organisations to pause and reflect on their current digital makeup.
These were the focal points discussed by digital executives from various tech sectors during the OpenGovLive! Virtual Breakfast Insight held on 24 February. The topic – Start Small, Scale Fast, Transform Securely: Embracing a Paradigm Shift in Cloud-Native Applications and Protection Strategies – was highly pertinent and relevant to the current times.
The pandemic’s effect on digital transformation and cloud migration
To kickstart the session, Mohit Sagar, Group Managing Director and Editor-in-Chief at OpenGov Asia explained that cloud technology has been around, but it has been magnified today because of COVID-19.
The paradigm shifts towards cloud-native are here to stay, he asserted. The public sectors around the region have been juggling numerous applications to keep the services going. In today’s new normal, citizens no longer have the luxury of walking up to a government office to ask for assistance – it has all been moved to the digital space.
Mohit reiterated that a digital system should be as seamless and innovative as possible, creating a user-friendly experience. Yet, many government agencies are grappling with mission-critical legacy applications and therefore, it is vital to have a clear strategy and overall framework to modernise these applications. While doing that, a cloud system must be incorporated – providing accessibility from any device, any where, any time.
At the same time, scalability must be at the forefront of this digital shift. The modernisation of critical applications can be gradual, and organisations can start by streamlining the current portfolio of applications to achieve scalability. As technology advances, so does the level of cyber risk that organisations must manage; security must be built into the process.
However, with time pressure to get a project up and running, the lack of sensible security measures will create a hindrance for governments to achieve true cyber resilience and vigilance.
In conclusion, Mohit advised delegates and organisations to find the right partners in this ever-evolving journey of digital transformation and application modernisation, instead of attempting to handle everything in-house.
Modernising digital solutions for today’s immediate needs
The COVID-19 pandemic created new norms in society, triggering significant pressure on organisations to provide modern digital solutions. This was the key premise, Sanjay Deshmukh, Vice President & Managing Director for Southeast Asia & Korea, VMware, elaborated on with fellow speakers and distinguished delegates from the Singapore public sector.
He started with the fact that VMware has been working with different agencies all over the world, especially during the pandemic, to build the right foundation for digital government. He acknowledged that there is unprecedented pressure on governments and digital service providers brought by the on-going pandemic.
The escalating pressure to modernise and the urgent need for mobile workplaces and services are just some of the community’s expectations. At the same time, protection from cyber threats is vital as these threats are on the rise. All these issues and needs have been compounded and accelerated by COVID-19.
Sanjay added that the biggest challenge lies in legacy systems. These systems create a digital divide between what the citizens are expecting and what agencies can deliver. Every agency wants to deliver and automate digital services, but legacy systems are a major hindrance. The lack of agility in response time from this system magnifies this issue.
Additionally, security and compliance are known factors in creating this digital divide.
Through a secure and flexible digital foundation – with consistent infrastructure, consistent operations, and intrinsic security, powered by digital infrastructure – agencies can enhance mission delivery and productivity; continually defend against cyberthreats, and meet dynamic mission requirements— all while relieving IT burdens.
Yet achieving these agency goals with a digital foundation requires rethinking the IT architecture.
Governments to act as solution providers, not as mere policymakers
Following Sanjay’s presentation, Adam Carthew, Chief Information Officer of Service Victoria to over. He started by sharing that Service Victoria was first instituted as a start-up aiming to provide a place where citizens can go digitally, irrespective of the structure of government. The company launched a successful pilot using lean methodology in government services, so citizens do not need to go out and conduct their businesses, which proved to more cost-effective for all concerned parties.
With the foundation set, the company went from start-up to scale-up. At first, they did not target infrastructure building nor even had a team to handle services right away. So, what they did was they partnered with someone with a plethora of digital capabilities that could run in a cloud environment, that could scale and be cost-effective.
Service Victoria eventually redesigned their digital transactions by making services such as identity identification, payment gateways, police check etc., all possible on the digital space.
Adam also said that the ones who are winning right now are marketplace organisations. These types of organisations do not care about brands, bricks and mortar, or any of these. They only care about the customer. Hence, from the government’s perspective, Service Victoria had to get away from thinking like policymakers and start thinking about what is best for customers.
Accordingly, Service Victoria picked up various products and services and integrated them into their standard way of operating in the cloud. They improved the products’ capabilities and flexibility. But then, COVID-19 struck, and as Adam described, it was like a 40kph wind behind them. Service Victoria needed to adapt once more and create leverage with this wind behind them. Even with the tech they had, as good as it was, it still was not fast enough, and it just could not take them to where they want to go.
With the government making swift policy changes, Service Victoria needed to be agile enough to keep up. They did away with the tech that they had and started to used servers. They also needed to scalable because of the high volumes of changes. Volumes that were not constrained to a single platform.
Adam revealed that with the on-going pandemic, they improved their digital permit system so that it did not force citizens to navigate from one place to another during lockdown situations. Adam added that with the cloud-native approach and advanced tech applications, various projects from frontend to backend, ones that can stem from 3 months to accomplish, can be achieved in 3 weeks or even just a matter of days.
Polling questions and discussion
After the engaging and informative presentations by the speakers, the session transitioned to an interactive discussion with polling questions posed to the audience. The questions revolved around the main challenges and drivers of application modernisation.
When asked what the current state of their organisation’s public cloud adoption is, 42% of the delegates said they currently have small workloads in the cloud. A delegate from the health sector said that most of their data, like patient details, are still on their private cloud. But they are pushing for the migration of data containing useful clinical information to the public cloud.
The next question focussed on their main challenges in cloud migration. Most of the delegates said that digital processes are the biggest challenge because government policies hinder full migration. Sanjay from VMware reiterated that infrastructures must complement the cloud to achieve benefits in the long run. For him, the future is hybrid and multi-cloud heavy.
However, 43% of delegates said that re-factoring or developing new cloud apps is preferred, rather than migrating existing apps to the cloud. Some delegates also said that re-platforming their apps or utilising Kubernetes is also appreciated.
Mohit on the other hand suggested that retiring processes/apps that prove to be outdated are also useful for governments for them to focus on what is effective and not get disoriented by multiple platforms and applications.
For over 70% of the delegates, the lack of developers and operator skills is the top challenge when adopting Kubernetes in their organisations. Resources are also limited, so they need to get partners on board. Compounding that, unfamiliarity with the tech bothers some of the attendees – primarily because of its security capabilities.
On the topic of security, the delegates were asked which of the following security strategies namely, Endpoint, Workload, Workspace, Network and Cloud are on the companies’ radar for the next 12 months. About 21% of the delegates voted for Workload and Endpoint securities, while the same number of attendees voted for Network and Cloud securities. Only 16% voted for Workspace security.
The session ended with the closing remarks by Adrian Hia, Country Manager, Singapore for VMware. He closed the session by emphasising two points.
The first was the need for continuous production of modern applications for training and learning in the digital world. The second was the current trend where fresh graduates are mainly interested in cloud technology. This should prompt and inspire organisations to adapt and migrate to the cloud as soon as possible, taking advantage of the available talent and skill. Together, they could create an effective and cost-efficient digital government.
He encouraged delegates to reach out to them and explore ways they could collaborate for a better, efficient and resilient government for the benefit of all.