By Adrian M. Reodique
Dec. 12, 2016
The Philippines' Department of Information and Communications Technology (DICT) last Thursday (8 December 2016) launched the National Cybersecurity Plan 2022.
The plan aims to secure the ICT environment by building a robust cybersecurity infrastructure.
"We are specifically mandated to protect consumers and uphold their rights for a free and open Internet," said DICT Secretary Rodolfo Salalima in a report by the Philippine News Agency.
In essence, the plan aims to assure the continuous operation of the country's critical infostructures, public and military networks; implement cyber resiliency measures to improve the ability to respond to cyber threats before, during, and after the attacks; as well as implement a public awareness campaign on cybersecurity measures.
The report said the plan will be able to institutionalise the adoption and implementation of Information Security Governance and Risk Management approaches that are based on global standards.
Besides that, the plan seeks to establish the National Computer Emergency Response Team (NCERT), which will enable the government to quickly respond and recover from cyber-attacks.
Meanwhile, Salalima added that they are asking for the assistance of the Malaysian government to impart their expertise in forming a coherent and well-developed cybersecurity plan.
During the Microsoft Cyber Security Summit last September, CyberSecurity Malaysia offered help to the Cybercrime Investigation and Coordination Centre (CICC), an attached agency of DICT, in providing trainings.
National Cybersecurity Plan
Under the plan, DICT will lead the coordination of national protection, prevention, mitigation, and recovery from cyber incidents; dissemination of domestic cyber threat and vulnerability analysis; security of public infostructure; and investigation of cybercrimes under its jurisdiction.
The Department of Justice (DOJ), the Philippine National Police (PNP) and the National Bureau of Investigation (NBI) are jointly in charge of the investigation and prosecution of cybercrimes, as well as enforcement of cybersecurity laws.
Meanwhile, the Department of National Defence (DND) will focus on defending the country from cyber-attacks; intelligence gathering of foreign cyber threats; securing national security and military systems and investigation of cybercrimes under military jurisdiction.
Lastly, the CICC is ordered to establish cybersecurity measures that would protect the country against cyberthreats. In line, it will enforce, evaluate, and monitor these cybersecurity measures through regular assessment and compliance activities. It will also conduct of annual cyber drills and exercises, as well as cybersecurity education and awareness programme.