Securing cyberspace through a whole-of-society approach

Artist's rendition of cybersecurity
Image by VIN JD from Pixabay

The increasing connectedness among states in the Indo-Pacific region reflects the steady expansion of the digital sector. The emergence and evolution of new technologies facilitate growth that cuts across various industries including defense and security, health, infrastructure, and trade and investment among others. 

While technology ushers in innovation, boosts competitiveness, and fosters economic growth, it also changes the landscape of challenges that states face today. Specifically, the advent of threats in cyberspace prompts the inclusion of cybersecurity at the forefront of today’s global discussions.

There is a growing trend of recognition among governments and militaries that cyberspace has become a platform for increased crime and attacks. These cyber risks increasingly threaten the national security of states and the welfare of citizens. Cyberattacks, cyber espionage, and other illicit digital activities undermine states’ respective cyber capabilities, endangering regional security and stability.

In response, states have shifted their strategic interests by venturing into cyber governance. Like-minded countries such as the United States and Australia crafted their respective cybersecurity strategies to monitor, counter, and mitigate potential threats. Cybersecurity has also been incorporated in the National Security Strategy of Japan to ensure a secure and stable cyberspace.

For the Philippines, safeguarding the new domain is an essential element of securing the nation. With the overarching goal of national cyber resilience, the current administration is taking steps to enhance the countries’ cyber competence and capabilities.

The gravity of the importance placed on cybersecurity is reflected in the National Security Policy 2023 – 2028. It identifies cyber, information, and cognitive security as a priority agenda. The government, in consultation with the private sector and other stakeholders, is also formulating an updated National Cybersecurity Plan in response to the evolving digital landscape. Additionally, a proposal to establish a Cyber Command under the Armed Forces of the Philippines is underway. 

The series of data breaches and hacking of government agencies’ websites including the Senate, House of Representatives, Philippine Health Insurance Corp., and Philippine Statistics Authority underpins the need to strengthen cyber capabilities.

Fortifying our cyber defense posture requires reinforcing competencies and capabilities on various levels involving the whole society. It requires a multifaceted approach that takes into consideration investments in people, processes, and technology. This includes the simultaneous capacity building of individuals and organizations as well as the institutionalization of measures on the national and international levels.

Cybersecurity is more just about technology. It is also about people. Individual users are the most vulnerable to cyberattacks and serve as the weakest link in the digital ecosystem. As such, users must be mindful of their online activities particularly since attack mechanisms continue to evolve and cyber criminals reinvent their modus operandi.

At the minimum, users must employ cyber hygiene to ward off cyber criminals. This includes enabling multifactor authentication to provide digital identities with an added layer of resilience, and remaining mindful of validating sources before clicking links, responding to emails, and downloading attachments that may have been sent by malicious actors with ill intentions.

On the organization level, companies must ensure that their information and communications technology (ICT) teams have the capability to manage company-issued devices used by employees. To guarantee the protection of sensitive company information such as personnel data, business strategies, and financial documents, it is paramount that issued devices support encryption, run on the latest operating system, use licensed software and programs, and are routinely patched. More importantly, companies must ensure that their digital files are backed up, either in their on-premises infrastructure or to be most secure, in the cloud. 

On the national level, the current administration has already spearheaded initiatives as part of its digital transformation agenda. It has realigned its strategic interests to include the cyber domain as part of its priorities. However, there is more that needs to be done. 

Maximizing the potential of cyberspace on the national level does not simply mean acquiring the latest equipment with cutting-edge technology. Personnel must also be well-versed in the operationalization and maintenance of these acquisitions through reskilling and upskilling. The current shortage of ICT personnel in the bureaucracy may be addressed by incentivizing ICT professionals through security of tenure, reduced practice of contract-of-service hiring, and provision of competitive compensation.

Furthermore, ensuring a secure Philippine cyberspace necessitates active collaboration between the public and private sectors. Leveraging the private sector’s resources and expertise minimizes the government’s burdens of limited finance and human capital.

Combining the strengths of both sectors by conducting tabletop exercises, establishing a joint security operations center, and utilizing private sector-developed technologies such as the cloud paves the way for a deeper understanding of the potential impact of attacks and a streamlined response to security incidents.

Lastly, at the international level, creating a united front against threats in cyberspace is critical given the ability of these threats to transcend borders. The Philippines must continue to engage in bilateral, minilateral, and multilateral partnerships to fully benefit from the evolution of cyberspace and defend its national interests in the cyber domain.

Overall, a strong cybersecurity posture accomplished through an inclusive, whole-of-society approach is critical. A robust cybersecurity landscape will allow the Philippines to vigorously hold its ground against attacks, to safeguard its citizens and businesses, and to fully participate in today’s digital economy.

 

Katrina Guerrero is a senior program and research associate at the think tank Stratbase ADR Institute.
 

Show comments