The Philippines is extremely vulnerable to cyber-attacks and incidents due to its large social media-savvy population and lack of data protection mechanisms. Despite the fact that the country ranks 30th in the world for e-security, it is 20% better than the global average, surpassing New Zealand, Australia and one of the DQL leaders, South Korea.
Cybercrime is a major concern for companies of all sizes, from brand new start-ups to established international corporations. With so many high-profile breaches over the last decade, the threat is as obvious as it is ever-present. Moreover, the COVID-19 has aided in increasing reliance on digital channels, but it has also attracted bad actors as online scams have increased.
Data has become an invaluable resource that “black hat” hackers (BHHs) use to gain something, primarily financial benefit. They have proven to be sophisticated and innovative geniuses when it comes to breaking into a system over the years. As a result, malicious attacks on numerous organisations worldwide, large, and small, have resulted in losses totalling millions of dollars, and are expected to cost trillions in the future.
OpenGov Asia reported that a UK-based cybersecurity firm found that Philippine organisations have spent an average of $820,000 (approximately P40 million) to recover from these attacks – costs that cover the ransom paid, and the costs incurred by the downtime. The cost is lower than the global average of $1.85 million. The global average is $170,404, with $3.2 million being the highest recorded in the survey.
These incidents have caused businesses all over the world to be more cautious, revaluate their perspectives on the importance of ethical hacking, and reconsider their cybersecurity strategies. With trends showing that cybercrime and cyber-related offences are on the rise, trained professionals are the need of the hour. Despite this, there aren’t enough cybersecurity professionals to meet the demand, with 2.046 million vacancies unfilled in Asia alone.
It is against this backdrop that White Hat Hackers (WHHs), also known as “good or ethical hackers, are being touted to improve the country’s cybersecurity measures. Their expertise is in high demand as Philippine companies have found themselves in the crosshairs of online adversaries looking for and exploiting weaknesses in their IT infrastructure.
The vulnerability of the country to cyber threats had also been highlighted by the country’s cybersecurity testing platform. The CEO of a cybersecurity company summarised the country’s national level of cyber risk, stating that the country is not in the worst state, but it could be better. There are countries with better cybersecurity, but the Philippines is learning and catching up quickly.
“With rising cyber threats in the Philippines, how can businesses become cyber-secure in this ever-changing digital era? A brighter future can be secured with the assistance of the cybersecurity community and a proactive, continuous mindset toward data security,” he said.
He, too, advocates the employment of WHHs who can detect and report IT and digital vulnerabilities that expose them to cyber-attacks as an agile and effective solution. WHHs can help businesses to identify flaws in their cyber security before they are discovered and exploited by others with criminal intent.
Ethical hackers, or WHHs, are in high demand, with the global marketplace for their services anticipated to reach $4.1 billion by 2027. This is especially true now, as remote working broadens the attack surface for vulnerabilities in the midst of the Covid-19 pandemic.
According to the National Cybersecurity Strategy Framework, the Department of Information and Communications Technology will be responsible to institutionalise the adoption and integration of Information Security Governance and Risk Management approaches through its attached agency, the Cybercrime Investigation and Coordination Centre (CICC).
CICC is responsible for all functions related to cybersecurity including the formulation of the Philippines National Cybersecurity Plan, the establishment of the National Computer Emergency Response Team (CERT), and the facilitation of international cooperation on intelligence regarding cybersecurity matters. The CICC, on its part, has the vision to be manned by professional and dedicated personnel, fully equipped with knowledge, skills and tools for a cyber-safe Philippines by 2025.