Singapore and the United States look to develop their cyber security cooperation after signing a new memorandum of understanding (MoU) aimed at strengthening information sharing and encouraging cyber security exchanges between the two countries. The Memorandum of Understanding was signed by the chief executive of Singapore’s Cyber Security Agency (CSA), which oversees keeping Singapore’s cyberspace secure and the director of the United States Cybersecurity and Infrastructure Security Agency (CISA), which leads the country’s national effort to protect and enhance the resilience of its physical and cyberinfrastructure.
Singapore and the United States share deep mutual interests in enhancing cyber security cooperation, particularly as cyber security has become a key enabler for both countries to leverage the benefits of digitalisation to grow our economies and improve the lives of our people.
The agreement came as US Vice-President visited Singapore as part of a tour to the broader Southeast Asia region. “Singapore and the United States share deep mutual interests in enhancing cyber security cooperation, particularly as cyber security has become a key enabler for both countries to leverage the benefits of digitalisation to grow our economies and improve the lives of our people,” said chief executive of Singapore’s Cyber Security Agency (CSA).
“This expanded MoU is a testament of our shared vision to work together towards a stable, secure, resilient and interoperable cyberspace. We look forward to continuing our work with the US to strengthen cybersecurity cooperation between our countries,” he added.
Along with increasing and strengthening information sharing, the agreement is expected to broaden cooperation through joint exercises, as well as expand the countries’ partnership into new areas of cooperation such as critical technologies and research and development. “Cyber threats don’t adhere to borders, which is why international collaboration is a key part of the administration’s approach to cyber security,” said the director of the United States Cybersecurity and Infrastructure Security Agency (CISA).
“The MoU allows us to strengthen our existing partnership with Singapore so that we can more effectively work together to collectively defend against the threats of today and secure against the risks of tomorrow,” she added. The agreement comes just weeks after the CSA flagged an increase in cyber threats, such as ransomware and online scams since the pandemic started in 2020.
According to new figures in CSA’s Singapore Cyber Landscape (SCL) 2020 report, released in July, the CSA’s SingCERT (Singapore Computer Emergency Response Team) handled more than 9,000 cases last year, compared to nearly 8,500 cases reported in 2019 and 4,977 cases in 2018. The latest threat tally marks the second consecutive year of increases in cyber threats handled by the agency.
“Although the number of phishing incidents remained stable and website defacements declined slightly, malicious cyber activities remain a concern amid a rapidly-evolving global cyber landscape and increased digitalisation brought about by the COVID-19 pandemic,” CSA said in a statement.
The agency asserted that throughout 2020, it observed global threat actors capitalising on the pandemic’s anxiety and fear, with ramifications felt by individuals and businesses. These threat actors specifically targeted e-commerce, data security, vaccine-related research and operations, and contact tracing operations. Some of the observed global threat actor trends were mirrored locally, according to CSA, with an increase in ransomware incidents and the emergence of COVID-19-related phishing activities in the region, the latter of which coincided unsurprisingly with the rise of work-from-home (WFH) arrangements.
Breaking down the types of threats observed, the latest report reveals that 89 ransomware cases were reported to CSA in 2020, a 154% increase from the 35 cases reported in 2019. These incidents primarily impacted small and medium-sized businesses (SMEs) in industries such as manufacturing, retail, and healthcare.
The CSA also stated that the rise in local ransomware cases was most likely influenced by the global ransomware surge, with three distinct characteristics observed as ransomware operators deployed increasingly sophisticated tactics: shifting from indiscriminate, opportunistic attacks to more targeted ‘Big Game Hunting’; the use of ‘leak and shame’ tactics; and an increase in ransomware-as-a-service (RaaS).
Looking ahead, the report identified several emerging cybersecurity trends to keep an eye on in the context of an increasingly complex and dynamic cyber threat landscape. According to the CSA, one of the major trends to keep an eye on is the continued evolution of ransomware attacks.
The Ministry of Electronics and Information Technology’s National e-Governance Division (NeGD) is conducting the 40th Chief Information Security Officer (CISO) Deep-Dive Training Programme from 4-8 December.
It is being conducted under the Ministry’s Cyber Surakshit Bharat initiative, which aims to raise awareness about cybercrime and enhance the capabilities of CISOs and frontline IT personnel in government departments. Through it, the government ensures there are adequate safety measures in place to combat the increasing threat of cybercrimes.
The programme is held at the Indian Institute of Public Administration in New Delhi and is attended by 31 participants from Bihar, Himachal Pradesh, Kerala, Telangana, Uttar Pradesh, Madhya Pradesh, and New Delhi.
The programme’s objectives include raising awareness, enhancing capacity, and empowering government departments with the necessary steps to establish a cyber-resilient ecosystem. It seeks to sensitise and orient participants on cyber safety and security, advancing the Digital India programme for the integrated delivery of diverse government services to citizens. The programme aims to provide comprehensive information and knowledge about cybersecurity, fostering awareness, building capacities, and enabling government departments to effectively manage their cyber hygiene, safety, and security.
Emphasising the significance of cybersecurity in the face of escalating cyber-attacks, MeitY Secretary, S. Krishnan discussed the vulnerabilities prevalent in the digital era. He highlighted the pivotal role played by CISO officials in formulating cybersecurity strategies for organisations, particularly for information security.
Krishnan said that it was important that CISOs should keep pace with technological advancements and encouraged CISO officers to adopt innovative and forward-thinking approaches in supporting the cybersecurity initiatives of their organisations. During his address, he acknowledged the Department of Telecommunication for its role in tackling challenges presented by emerging technologies such as 5G and 6G.
Officials including the Director General of the Indian Institute of Public Administration (IIPA), S. N. Tripathi, and other officers from NeGD and IIPA attended the inaugural session of the programme. Since the initiative was launched in June 2018, NeGD has successfully organised 40 batches of CISO deep-dive training programmes, benefiting more than 1,523 CISOs and frontline IT officials.
Cybersecurity has been a top priority for the government given the increasing reliance on technology across all sectors of the economy. Last month, the Ministry of Finance spearheaded a comprehensive discourse to strategise against the burgeoning threats of cybercrime in the financial services sector, particularly the surge in online financial fraud incidents.
Stakeholders discussed the need for enhanced coordination among police, banks, and financial entities for real-time tracking and blocking of defrauded funds. They also put forth strategies to tackle the proliferation of mule accounts, augment response times to handle alerts on online financial frauds and establish regional/state-level nodal officers.
As OpenGov Asia reported, it was agreed that a central registry for merchant onboarding and KYC standardisation is required and the importance of whitelisting digital lending apps through stakeholder consultation was highlighted. Progress updates on implementing recommendations, such as setting up the Digital India Trust Agency (DIGITA) and the proposed legislation known as the ‘Banning of Unregulated Lending Activities (BULA) Act,’ were also on the agenda.
Key industry players presented their strategies for mitigating fraudulent activities. The State Bank of India (SBI) presented its Proactive Risk Monitoring (PRM) strategy, while representatives from companies dedicated to mobile banking shared their successful best practices.
The advancement of healthcare is emerging to its cybersecurity frontier, where the U.S. Department of Health and Human Services (HHS) initiative serves as a cornerstone for fortifying the digital resilience of the healthcare industry. As healthcare increasingly relies on digital technologies to deliver patient care and manage sensitive health data, securing these systems from malicious cyber threats becomes paramount. The HHS strategy acknowledges the current surge in cyber incidents and proactively addresses the evolving nature of these threats.
The U.S. Department of Health and Human Services (HHS) has unveiled a concept paper outlining its cybersecurity strategy specifically tailored for the healthcare sector. Building upon President Biden’s National Cybersecurity Strategy, this initiative strongly emphasises fortifying resilience in the face of cyber threats targeting hospitals, patients, and communities.
The concept paper articulates a robust plan of action, encompassing the publication of new voluntary healthcare-specific cybersecurity performance goals, collaboration with Congress to institute supports and incentives for domestic hospitals to enhance cybersecurity, and an emphasis on accountability and coordination within the healthcare sector.
According to the HHS Office for Civil Rights (OCR), cyber incidents in the healthcare domain have seen a staggering increase, with a 93% rise in large breaches reported from 2018 to 2022 (from 369 to 712). Notably, incidents involving ransomware have surged by 278%. The repercussions of cyberattacks on hospitals and health systems have been severe, resulting in extended care disruptions, patient diversions, and delayed medical procedures, ultimately jeopardising patient safety.
HHS Secretary Xavier Becerra underscored the urgency of addressing cybersecurity vulnerabilities in the healthcare sector, acknowledging its high susceptibility. Becerra emphasised the Biden-Harris Administration’s commitment to bolstering nationwide cybersecurity capabilities in collaboration with healthcare and public health partners. The overarching goal is to substantially impact hospitals, patients, and communities grappling with the repercussions of cyber threats.
In acknowledging the challenges faced by the healthcare sector, the administration’s commitment extends beyond mere rhetoric, signalling a proactive stance to protect critical infrastructure. Becerra’s acknowledgement of the overarching goal underscores the administration’s dedication to significantly impacting hospitals, patients, and communities that bear the brunt of cyber threats. The focus extends beyond theoretical cybersecurity measures to tangible, real-world outcomes that ensure the safety and well-being of individuals reliant on healthcare services.
Further, Anne Neuberger, Deputy National Security Adviser for Cyber and Emerging Technologies, highlighted the preventable nature of impacts stemming from cyberattacks on healthcare organisations. Neuberger stressed the administration’s commitment to establishing robust cybersecurity standards and allocating resources to enhance cyber resiliency across critical sectors, drawing parallels with initiatives like pipelines, aviation, and rail systems.
Deputy Secretary Andrea Palm echoed the concerns about the escalating cyber threats in the healthcare sector, emphasising the need for comprehensive measures to ensure the preparedness and security of hospitals, patients, and communities. HHS’s concept paper delineates a multifaceted approach, encompassing the publication of voluntary Health care and Public Health sector Cybersecurity Performance Goals (HPH CPGs) to guide institutions in prioritising and implementing high-impact cybersecurity practices.
Additionally, HHS aims to collaborate with Congress to secure new authority and funding to incentivise hospitals to adopt these practices. The plan proposes enforceable cybersecurity standards, informed by the HPH CPGs, integrated into existing programmes. The initiative further seeks to expand and enhance HHS’s coordination role as a “one-stop shop” for healthcare cybersecurity, improving coordination within the federal government and fostering deeper partnerships with industry stakeholders.
As the HHS cybersecurity strategy unfolds, it is poised to set a precedent for safeguarding critical infrastructure in the healthcare sector, addressing current vulnerabilities and establishing a resilient foundation for the future. The comprehensive and collaborative approach outlined in the concept paper aligns with the evolving nature of cyber threats, demonstrating a commitment to proactive cybersecurity measures that transcend traditional boundaries.
The Minister of Electronics and Information Technology (MeitY), Ashwini Vaishnaw, has discussed creating a robust response to the challenges posed by deepfake technology with representatives from academia, industry bodies, and social media companies. The consensus reached in the discussion entails collaborative efforts among the government, academia, social media companies, and the National Association of Software and Service Companies (NASSCOM) to collectively address the harmful uses of deepfake.
Deepfakes are artificial intelligence-manipulated video, audio, and images. Their hyper-realistic nature makes them challenging to identify as fake, especially for individuals unfamiliar with the technology. Therefore, these manipulations can and have harmed reputations and serve as tools to falsify evidence. Deepfakes are also a threat to democracy and social institutions globally and the increasing presence of deepfakes in political messaging could be particularly damaging, especially in the lead-up to the upcoming general elections, posing risks to the integrity of information and public discourse.
The meeting, held at the end of November, concluded with an agreement to identify actionable items within the next 10 days, focusing on four key pillars:
- Detection: Develop methods to identify deepfake content both before and after its posting.
- Prevention: Establish an effective mechanism to prevent the spread of deepfake content.
- Reporting: Implement an efficient and prompt reporting system along with a grievance redressal mechanism.
- Awareness: Launch a widespread awareness campaign to educate the public on the issues related to deepfake technology.Top of Form
Furthermore, effective immediately, MeitY will initiate an exercise to assess and formulate necessary regulations to combat the threat of deepfake. To facilitate this process, MeitY will invite public comments through the MyGov portal.
A follow-up meeting with relevant stakeholders will be held again this week to finalise the four-pillared structure. According to the government’s AI news portal, it remains committed to combating the growing threat of deepfake through technology and by fostering public awareness. It said that MeitY has frequently guided social media intermediaries, urging them to exercise due diligence and promptly take necessary actions against instances of deepfake.
Recently, the Delhi High Court expressed reservations about the prospect of judicial intervention to regulate the use of deepfake content created through AI. It said that addressing the issue and finding a balanced solution would be more appropriately handled by the government, given its extensive data resources and wide-ranging machinery. The court scheduled the matter for an additional hearing in January.
Governments globally are addressing the threats of damaging deepfake technologies by implementing enhanced rules and regulations. In September, the United States National Security Agency (NSA) and federal agency partners issued new guidance on cybersecurity risks associated with deepfakes.
As OpenGov Asia reported, they published a Cybersecurity Information Sheet (CSI) titled “Contextualising Deepfake Threats to Organisations” to help organisations recognise, safeguard against, and respond to deepfake threats.
It suggests that organisations should incorporate real-time verification capabilities. It underscores the use of passive detection techniques for continuous monitoring and early identification and emphasises the significance of safeguarding high-profile officers and their communications, as they are frequent targets of deepfake attempts.
Apart from detection, the guidance offered ways to mitigate the impact of deepfake attacks. Organisations must foster information sharing within and across organisations. The guidance advocates for thorough planning and rehearsal of responses to potential exploitation attempts, ensuring organisations are well-prepared for any incidents. Personnel training is another crucial aspect, providing individuals with the skills and knowledge to effectively recognise and respond to synthetic media threats.
New Zealand has been facing many cyber threats during 2020-2023, posing a significant risk to individuals, businesses, and critical infrastructure. New Zealand’s National Cyber Security Centre (NCSC) estimates that a staggering NZ$65 million in harm was deflected from nationally significant organisations in 2022. This impressive figure underscores the importance of robust cybersecurity measures in safeguarding critical infrastructure from cyberattacks.
Cybercriminals are constantly adapting their techniques, employing increasingly complex and difficult-to-detect methods. This includes ransomware attacks or data breaches that expose sensitive information, supply chains, and even education as the most vulnerable target.
New Zealand Police have warned about a targeted email campaign affecting various organisations, with schools being a primary focus. This digital threat has prompted heightened vigilance and collaborative efforts to mitigate potential risks to the targeted entities.
According to the latest advisory, multiple organisations, including several schools, have fallen prey to this email campaign. New Zealand Police have expressed confidence that the emails originate from the same source. Despite this, they have emphasised that no perceived tangible threat exists to the organisations receiving these emails.
The authorities are actively seeking the cooperation of the recipients in reporting any such emails to facilitate ongoing investigations aimed at uncovering the origins of these potentially malicious communications. This collaboration between affected organisations and law enforcement underscores the significance of collective action in addressing cybersecurity challenges.
The impacted schools are taking swift action by disseminating timely updates to their students, staff, and parent communities. Reassuring their stakeholders, these educational institutions emphasise that all necessary measures are being implemented to ensure safety and well-being take precedence.
In the face of emerging cybersecurity threats, it is crucial for organisations, especially educational institutions, to stay informed and prepared. The ongoing incidents highlight the need for a proactive approach to cybersecurity, where institutions can benefit from robust policies and procedures to safeguard against digital threats.
Schools are advised to adhere to their established emergency policies and procedures in an emergency or a situation posing a potential threat. Collaboration with the appropriate emergency services and adherence to their guidance is paramount in ensuring a coordinated and effective response.
School students emerge as a particularly vulnerable demographic to the pervasive threat of cyberattacks due to their extensive engagement with digital platforms. The substantial amount of time they dedicate to online activities, including educational pursuits, social interactions, and entertainment, significantly heightens their susceptibility to becoming victims of cyber threats.
Their digital presence, often marked by a lack of comprehensive awareness and cybersecurity education, makes them attractive targets for various malicious actors operating in the cyber realm.
In cases involving threats of violence, the primary agency to engage with is the New Zealand Police. Their expertise and resources can be pivotal in addressing and neutralising potential risks. Local Te Mahau offices can assist as needed to support affected entities further. It underscores the importance of a collaborative effort at the community level, where various stakeholders work together to enhance resilience against cyber threats.
As the digital landscape evolves, so do the tactics malicious actors employ. The recent email campaign serves as a reminder for organisations to stay vigilant, enhance their cybersecurity measures, and foster a culture of digital awareness. Cybersecurity education and training are essential to fortifying defences against phishing attempts and other cyber threats.
It underscores the imperative for fostering collaboration among various stakeholders to address and counteract the escalating threat posed by cyber-attacks effectively. A united front involving governments, businesses, cybersecurity experts, and the broader community is essential to mitigate the risks and challenges associated with these digital incursions.
Emphasising the significance of collective efforts, it highlights the interconnected nature of the digital landscape, where a collaborative approach becomes pivotal in fortifying defences, sharing intelligence, and devising comprehensive strategies to safeguard the increasingly interlinked and technologically dependent societies from ever-evolving cyber threats.
Ethical concerns in artificial intelligence (AI) cybersecurity encompass a spectrum of issues, including privacy, fairness, transparency, and accountability. Ensuring that AI systems operate within ethical boundaries is paramount to building trust among users, stakeholders, and the public. The collaborative effort behind the global guidelines signifies a collective commitment to addressing these ethical considerations comprehensively.
Privacy is a cornerstone of ethical AI development, especially in a world where data plays a central role in training and refining AI models. The guidelines emphasise the need for robust privacy measures to safeguard user data, preventing unauthorised access and misuse. Developers can contribute to a more ethical and responsible AI ecosystem by incorporating privacy-preserving practices.
New Zealand’s dedication to enhancing cybersecurity strengthens the landscape around AI. In the last update, the National Cyber Security Centre (NCSC) became one of 17 agencies from 17 countries to release guidance, led by the United Kingdom, to help AI developers adopt cyber security from the outset. The result is the release of the Guidelines for Secure AI System Development, a comprehensive set of standards that mark the first globally agreed-upon cybersecurity guidelines for AI developers. The policies, endorsed by 23 international agencies, including New Zealand’s NCSC, aim to instil a “secure by design” approach in the development process, ensuring the safety, resilience, privacy, fairness, reliability, and predictability of AI systems.
The newly introduced guidelines serve as a crucial pre-condition for the safety and effectiveness of AI systems. Cybersecurity considerations are paramount to safeguarding these systems against evolving threats and potential vulnerabilities. Lisa Fong, Deputy Director General of the National Cyber Security Centre, emphasises the importance of adopting a secure-by-design approach, which is fundamental in elevating the cybersecurity posture of AI systems. The guidelines provide developers with a roadmap to make informed decisions at every stage of AI system development, whether building systems from scratch or leveraging existing tools and services.
International partner agencies and industry experts are involved in this collaboration, fostering a shared understanding of cyber risks, vulnerabilities, and effective mitigation strategies. The guidelines lay down a comprehensive framework for developers and contribute to establishing a global consensus on best practices for AI cybersecurity. The international endorsement of these guidelines reinforces the shared commitment to creating a secure environment for the evolution of AI technologies.
The release of these guidelines follows the interim generative AI guidance for the public service. This interim guidance, jointly produced by the NCSC, served as a precursor to the global guidelines and demonstrated the multidisciplinary approach required to securely harness the potential of generative AI. The collaboration between the NCSC, data experts, digital professionals, procurement specialists, and privacy counterparts underscores the need for a holistic and integrated approach to AI cybersecurity.
As the adoption of AI continues to grow across diverse sectors, from public services to private industries, the significance of robust cybersecurity measures cannot be overstated. The global nature of the collaboration behind these guidelines reflects the urgency and shared responsibility felt by nations worldwide to mitigate the evolving threats posed by cyber adversaries.
These guidelines are set to become a foundational resource for AI developers globally, offering a comprehensive approach to embedding cybersecurity measures from the outset. The emphasis on a secure-by-design philosophy aligns with the evolving landscape of cyber threats, where proactive measures are essential for staying ahead of potential risks. The guidelines address current challenges and provide a forward-looking framework to adapt to the dynamic nature of AI technologies and the cybersecurity landscape.
New Zealand is consistent in conforming to international collaboration to fortify the foundations of AI cybersecurity. As nations join forces to address the challenges posed by cybersecurity threats, these guidelines stand as a testament to the commitment to creating a secure and resilient environment for the evolution of artificial intelligence. The global endorsement underscores the recognition of AI’s transformative potential and the shared responsibility to ensure its responsible and secure integration into various facets of modern society.
In the nation’s critical infrastructure landscape, K-12 schools are pivotal, serving as the foundation for future success and playing an indispensable part in the lives of millions of children, families, and communities. Recognising the importance of ensuring the safety and well-being of students, educators, and staff, the Cybersecurity and Infrastructure Security Agency (CISA) leads the annual Critical Infrastructure Security and Resilience Month. This initiative aims to educate and engage all levels of government, infrastructure owners and operators, and the American public about critical infrastructure’s crucial role in the nation’s well-being and the need to strengthen security and resilience.
Digital technology has become an integral aspect of modern education, and as schools navigate the complex landscape of security and resilience, leveraging digital tools and strategies becomes paramount. The intersection of education and technology presents various challenges and opportunities, especially in an evolving threat environment that includes cyberattacks alongside more traditional hazards.
As CISA encourages a Resolve to be Resilient, the emphasis extends to the education community, urging several measures and investments in resilience. The agency acknowledges threats’ increased frequency and intensity, encompassing natural disasters, targeted violence, and cyberattacks. The call to action is clear: prepare today to withstand or recover quickly in the event of an incident tomorrow.
To address the challenges an interconnected world poses, CISA collaborates with several federal agencies and non-government partners to provide actionable guidance, evidence-based practices, and digital tools. The goal is to empower school leaders to navigate the complexities of the digital landscape while fostering a secure and resilient environment for students and staff.
One critical resource CISA offers is the K-12 Bystander Reporting Toolkit, developed in partnership with the U.S. Secret Service National Threat Assessment Centre. This toolkit equips schools with simple strategies to implement and enhance safety reporting programmes, leveraging digital communication channels to facilitate reporting and response.
The K-12 School Security Guide Product Suite, another digital resource, offers districts and campuses tools and strategies to evaluate vulnerabilities, strengthen security measures, and enhance the protection of school communities. This suite reflects a comprehensive approach to digital and physical security in educational settings.
Recognising the importance of cybersecurity, CISA’s Cybersecurity for K-12 Education provides schools with tools, information, and resources to guard against cyber actors and reduce the likelihood of successful cyber incursions. Addressing systemic cybersecurity risks becomes an integral component of school safety plans as technology advances.
Further, CISA’s Tabletop Exercise Packages, designed to examine and test safety processes and plans through simulated exercises, incorporate digital scenarios to ensure that schools are prepared for various threat scenarios, including cyber incidents. This proactive approach helps schools identify digital resilience and response capabilities gaps.
The agency’s regionally based security advisors further contribute to building resilience by providing various risk management and response services, including guidance on addressing evolving digital threats. These advisors play a crucial role in ensuring that schools are equipped to handle the dynamic challenges posed by the digital landscape.
In the digital age, where information is shared at unprecedented speeds, CISA administers SchoolSafety.gov, a Federal interagency website serving as a one-stop access point to school safety information, resources, and tools. This platform covers various topics and threats, offering a holistic approach to creating comprehensive and sustainable school safety plans.
Critical Infrastructure Security and Resilience Month reminds the entire school community to unite in advancing safety efforts. The focus on digital resilience highlights the need for ongoing preparedness and adaptation to changing risk conditions. Throughout this month and beyond, CISA reaffirms its commitment to assisting school communities in maintaining safe, secure, and resilient learning environments in the digital era. The agency’s dedication to leveraging digital technology to benefit education underscores the importance of an inclusive and collaborative approach to cybersecurity and resilience in the nation’s schools.
In a meeting with the Private Sector Advisory Council (PSAC), President Ferdinand R. Marcos Jr. pledged support for pivotal legislative measures recommended by the PSAC Digital Infrastructure Group. These measures, aligned with the Philippine Digital Transformation Framework, aim to fortify cybersecurity efforts within the nation.
Expressing his commitment during a Palace gathering, the President affirmed his intention to prioritise and expedite the passage of three bills pending in the Senate. These bills, including the Cybersecurity Act, Anti-Mule Act, and the Online Site Blocking Act, are integral components of the nation’s strategy to bolster cybersecurity and safeguard digital assets.
“The structural requirements in legislation are evidently crucial. Let’s focus on the Cybersecurity Act, Anti-Mule Act, and the Online Site Blocking Act. Collaborating with the Legislature’s leadership, we aim to swiftly progress these bills,” explained the President to PSAC officials.
The bills, currently pending at the Senate, encompass vital aspects crucial for the country’s digital security and protection against cyber threats. The Cybersecurity Act, in particular, carries provisions designed to enhance the country’s cybersecurity resilience, fortify critical information infrastructures, and impose penalties for non-compliance with digital asset protection standards.
Recent cyber threats targeting government entities have underscored the urgency of passing the Cybersecurity Act, aligning with the administration’s commitment to securing public digital assets.
Citing statistics from a tech giant, a significant 85% of Philippine companies anticipate potential disruptions to their operations due to cybersecurity attacks within the next 24 months. Additionally, data from the Department of Information and Communications Technology (DICT) underscores the Philippines’ prominence as the fourth most targeted country globally, with approximately 3,000 cyber incidents reported between 2020 and 2022, half of which targeted government institutions.
Moreover, the proposed Anti-Mule Act aims to curb fraudulent activities related to bank accounts, e-wallets, and other financial platforms. The legislation seeks to criminalise activities like using fake identities to open accounts, unauthorised account transfers, and recruiting individuals for fraudulent account purposes. It will also enforce stricter penalties and delineate jurisdiction for law enforcement agencies.
Simultaneously, the Online Site Blocking Act, if passed, will combat online content piracy by instituting measures to block websites hosting pirated content. Advocates highlight the importance of safeguarding the creative industry and consumers from the perils of online piracy, emphasising the potential revenue loss and risks posed by pirate websites.
PSAC stressed the significance of fortifying laws to protect the creative economy, ensuring artists can create content without fear of theft. They underscored the necessity of empowering the Executive branch to implement these laws effectively.
The collective urgency to fortify cybersecurity measures and protect digital assets underscores the critical need for the prompt passage of these bills. President Marcos Jr.’s endorsement signifies a pivotal step toward reinforcing the country’s digital infrastructure and safeguarding its cyber landscape for the future.
Earlier this year the Asian Productivity Organization (APO) convened a pivotal training session focused on enhancing cybersecurity across its member countries. Intending to foster the adoption of robust cybersecurity practices among IT professionals, the event encompassed representatives from diverse nations. Notably, among the forty-four participants, fourteen were delegates from various Philippine National Government Agencies alongside active participation from the private sector.
The four-day intensive training facilitated addressed the pressing need to fortify defences against evolving cyber threats and shed light on the escalating complexity of cyber threats. With the proliferation of artificial intelligence (AI) in augmenting the capabilities of cyber assailants, the landscape has become more treacherous, amplifying the vulnerabilities of existing cybersecurity defence mechanisms.
Established in 1961, the APO stands as an intergovernmental organisation committed to fostering mutual cooperation and sustainable socio-economic development across the region. Serving as a think tank and offering policy advisory services, the APO has consistently spearheaded initiatives spanning diverse sectors. In its unwavering dedication, it plays a crucial role in enhancing the cybersecurity resilience of member countries.