In a case of one state agency helping another, the state-owned Development Bank of the Philippines (DBP) has signed a Memorandum Of Agreement (MoA) with the Cybercrime Investigation and Coordinating Center (CICC) to further strengthen the bank against potential cybersecurity threats and boost its capacity to defend critical system infrastructure, a top official disclosed.
CICC is a government body created upon the approval of Republic Act 10175 (the Cybercrime Prevention Act of 2012). As such, it is an attached agency of the Department of Information and Communications Technology (DICT). Thus, it is also chaired by the DICT Secretary. Its main task as the foremost cybersecurity body of the country is to ensure the Philippines can thwart and defend itself against cyber threats and attacks — internal or external.
Over the years, DBP has grown vigorously since its charter in 1947 after the war. Today, it boasts of total assets exceeding PhP 1 trillion and is considered the fifth-biggest bank in terms of assets on the archipelago. Its network includes 131 branches and 12 branch-lite units. It’s a development bank that provides credit support to four strategic sectors of the economy – infrastructure and logistics; micro, small and medium enterprises; environment; social services and community development.
Emmanuel Herbosa, DBP President and Chief Executive Officer, detailed CICC would be providing the necessary technical expertise and assistance to DBP in crafting the bank’s cybersecurity plan. The cybersecurity body will also ensure the bank’s alignment with globally-accepted standards and protocols of the national cybersecurity plan.
DBP acknowledges that investing in cybersecurity is not only a crucial concern but also indispensable to protect the stakeholder data and information stored in our system.
– Emmanuel Herbosa, President and Chief Executive Officer, Development Bank of the Philippines
Under the partnership, Herbosa said DBP and CICC would collaborate in institutionalising cyber policies to pave the way for the adaptation of needed technologies to protect DBP’s data, endpoints, and critical infrastructures.
Moreover, the agreement also entails the monitoring of the bank’s compliance to mitigate threats in cyberspace. That means CICC will assist DBP in coordinating with appropriate agencies in case of cybercrime incidents.
While the pandemic has forced businesses to adopt digital transformation, cyberthreats have also spiked in the region. As operations become more digital, opportunities for cybercriminals also increases. Not only are there more ways to target a business entity but also there are more data for exposure. More and more small and medium-sized businesses (SMBs) that went digital because of the coronavirus pandemic are experiencing cyberattacks that affect their operations, a recent study revealed. More than half of SMBs in the country experienced cyberattacks in the past 12 months.
DBP’s move is timely. Last December, the Department of Finance directed all government financial institutions under its administrative supervision to enhance their respective cybersecurity defence systems amidst an expected increase in cybercrimes due to a surge in the use of digital transactions. As it is state-owned, DBP is part of that list.
The Philippines is aware of the massive role of technology in moving its economy. Thus, it has recently been putting a lot of effort into piecing all the pieces together in its bid towards digital transformation. For instance, the country is giving technological innovations for its key cities a priority. The Innovative Cities Initiative is bound to make an example out of Makati City — transforming the Central Business District into a Silicon Valley.
As reported on OpenGov Asia, Manila is giving tax breaks and a host of other incentives to mobilise entrepreneurs and businesses into developing emerging technologies under the CREATE Law. Such a focus on digital adoption is creating a lot of awareness for businesses. Just recently, Philippine bankers had the opportunity to learn some best practices on cybersecurity from the United Kingdom.