BusinessMirror
  • News
    • News
    • Top News
    • Regions
    • Nation
    • World
    • Asia Today
  • Business
    • Business
    • Agri-Commodities
    • Asean Economic Community
    • Banking & Finance
    • Companies
    • Economy
    • Entrepreneur
    • Executive Views
    • Export Unlimited
    • Harvard Management Update
    • Monday Morning
    • Mutual Funds
    • Stock Market Outlook
    • The Integrity Initiative
  • Sports
  • Opinion
    • Opinion
    • Columns
    • Editorial
    • Editorial cartoon
  • Life
    • Life
    • Art
    • Design&Space
    • Digital Life
    • Journey
    • Motoring
    • 360° Review
    • Property
    • Show
    • Tech
    • Tourism
    • Y2Z
  • Features
    • Biodiversity
    • Education
    • Envoys & Expats
    • Explainer
    • Faith
    • Green
    • Health & Fitness
    • Mission: PHL
    • Our Time
    • Perspective
    • Photo Gallery
    • Science
    • Today in History
    • Tony&Nick
    • When I Was 25
    • Wine & Dine
  • BMPlus
    • BMPlus
    • SoundStrip
    • Live & In Quarantine
    • Bulletin Board
    • Marketing
    • Public Service
    • CSR
  • The Broader Look

Today’s front page, Monday, September 25, 2023

Subscribe
BusinessMirror
BusinessMirror
  • News
    • News
    • Top News
    • Regions
    • Nation
    • World
    • Asia Today
  • Business
    • Business
    • Agri-Commodities
    • Asean Economic Community
    • Banking & Finance
    • Companies
    • Economy
    • Entrepreneur
    • Executive Views
    • Export Unlimited
    • Harvard Management Update
    • Monday Morning
    • Mutual Funds
    • Stock Market Outlook
    • The Integrity Initiative
  • Sports
  • Opinion
    • Opinion
    • Columns
    • Editorial
    • Editorial cartoon
  • Life
    • Life
    • Art
    • Design&Space
    • Digital Life
    • Journey
    • Motoring
    • 360° Review
    • Property
    • Show
    • Tech
    • Tourism
    • Y2Z
  • Features
    • Biodiversity
    • Education
    • Envoys & Expats
    • Explainer
    • Faith
    • Green
    • Health & Fitness
    • Mission: PHL
    • Our Time
    • Perspective
    • Photo Gallery
    • Science
    • Today in History
    • Tony&Nick
    • When I Was 25
    • Wine & Dine
  • BMPlus
    • BMPlus
    • SoundStrip
    • Live & In Quarantine
    • Bulletin Board
    • Marketing
    • Public Service
    • CSR
  • The Broader Look
  • BM Reports
  • Top News

Data-privacy law to boost PHL cybersecurity sector

  • Oliver Samson
  • October 30, 2017
  • 863 views
  • 4 minute read
In Photo: An unidentified information-technology (IT) staff checks a web site for reports of a security breach. Experts believe a five-year-old law has become more relevant and could boost awareness on IT security.

Part One

THE Data Privacy Act of 2012 would generate increase in the demand for information security, information-technology (IT) security experts observed.

These experts believe the law would open the door to the sector wider, as it requires private and public organizations in the country that collect and store personally identifiable information to safeguard these sensitive data.

The compliance by organizations with the Data Privacy Act ,in effect, would boost the IT security industry as it compels them to take protective technical measures to safeguard data, according to Philippine Computer Emergency Response Team President Lito Averia.

Fellow IT security expert Angel T. Redoble shares Averia’s observation. Redoble, who is also president of nonprofit group Philippine Institute of Cyber Security Professionals, said the Data Privacy Act would benefit the industry as triggers increase in the demand for data protection.

“Now that there’s a law that requires organizations to protect data, the IT security industry in the country foresees more growth,” he said.

Redoble noted that securing data has long been a responsibility among organizations engaged in collecting and storing personally identifiable information.

Dominic Lucenario, one of the software developers at the Filipino and homegrown Pandora Security Labs Inc., also said that with the data-privacy law in place the local demand for IT security would grow.

Controls

ACCORDING to Lucenario, the firm’s development of an enterprise firewall this year is timely since the Data Privacy Act is being implemented aggressively by the National Privacy Commission (NPC).

To give an idea, securing a network may cost up to $1 million, a Kaspersky Lab executive told the BusinessMirror in a recent e-mail interview.

Protecting a network may cost a small organization in the Philippines some $1,000 while a big one $1 million, said Slyvia Ng, general manager at Kaspersky Lab Southeast Asia.

The figures were based on the joint study conducted by Kaspersky Lab and B2B International that engaged some 4,000 business representatives from 25 countries in a survey in 2016.

The cost of damage could be bigger than the amount of money invested by an organization in safeguarding its IT infrastructure when compromised, Ng added.

“The cost of damage can get bigger when the breach remains unnoticed for a long period of time,” she said.

An organization’s extent of vulnerability would determine the cost that entails the application and implementation of the right security measures, Redoble pointed out.

“The cost involved in securing a network depends on the risk level of a particular organization,” he said. “But there are compensating controls that are not expensive.”

Dangers

LUCENARIO and fellow software developers at Pandora Security Labs mentioned in an interview that their company offers network security to organizations at a lower cost than their counterparts do.

The company offers its own security software together with the technical skill and manpower involved in securing network, like monitoring, assessment and the response to block threats to data.

Pandora Security Labs’s security software and pool of technical skills are on board health care, retail, manufacturing and logistics sectors, said Isaac Sabas, its CEO.

According to Averia, personally identifiable information includes the name, address and birthday of a person. “Basically, your name, birthday, address and telephone number taken together could identify you,” Averia said.

When personally identifiable information is compromised, the person to whom these sensitive data belong runs the risk of identity theft, Averia warned.

The Commission on Elections (Comelec) data leak prior the 2016 national and local polls is an example of major data breach, he said.

“The general theory was personally identifiable information belonging to the registered voters might have been used for identity theft,” Averia added. “That’s the basic danger when personally identifiable information
is compromised.”

Breach

THE Comelec data breach last year, which put personal information of 55 million registered voters at risk, made the decision-makers realized the extent of damage when the network is compromised, he pointed out.

Prior to the hacking, the decision-makers used to take for granted information-security issues that technical and competent people had long been trying to make them understand, Averia said.

When a person’s personal and sensitive data are leaked, somebody may use the “credentials or personally identifiable information” in his favor, he explained.

“Persons of ill will can use the data in committing fraud. It happened and there have been [many] cases.”

Averia recalled a new board-exam passer who had fallen victim to identity theft after posting on social media his new identification card, which contains personally identifiable information.

“The information in the identification card were used in applying for loan,” he said.

Personally identifiable information can also be employed by somebody to unauthorized use of a bank account, according to Averia. However, doing so entails a more complex than using the information in applying for a loan, he added.

According to Averia, an individual’s personally identifiable information can also be used by another to apply for a counterfeit credit card.

Freebies

PUBLIC organizations engaged in the collection and storage of personally identifiable information of private individuals includes government agencies like the Comelec, Social Security System and the Bureau of Internal Revenue, Averia explained.

On the other hand, private organizations that collect and store similar data include banks, hospitals and others, he added.

“It is now required that when a public or private organization collect data, there must be disclosure of the purpose of such collection,” he said. “The organization has to secure the consent of the person in collecting them.”

Averia mentioned events where organizers or sponsors are collecting personally identifiable information from guests in exchange of freebies, token gifts or promises of gains.

To be continued

Image credits: Nonie Reyes

0
0
0
0
Share 0
Tweet 0
Pin it 0
Share 0
Related Topics
  • Featured

Know more

Know more
  • 2 min
  • Top News

Budget gap widens by 84.6% To P133B in August

  • Jasper Y. Arcalas
  • September 25, 2023
Know more
  • 3 min
  • Top News

PCG, BFAR score China’s bid to block Bajo De Masinloc

  • Rex Anthony Naval
  • September 25, 2023
Know more
  • 2 min
  • Top News

M3 posts slowest growth of 5.7% in 6 mos–BSP

  • Cai U. Ordinario
  • September 25, 2023
Know more
  • 3 min
  • Top News

PSA data show highest and lowest paid workers in PHL

  • Cai U. Ordinario
  • September 25, 2023
Know more
  • 2 min
  • Top News

High interest rates prompt July U/KB lending slowdown

  • Cai U. Ordinario
  • September 25, 2023
Know more
  • 3 min
  • Top News

MAP, Arta, DILG and DICT to boost EODB among LGUs

  • Andrea E. San Juan
  • September 25, 2023
Know more
  • 2 min
  • Top News

Biden’s trade, investment mission to PHL set in 2024

  • Malou Talosig-Bartolome
  • September 25, 2023
Know more
  • 3 min
  • Top News

Chinese travel to PHL for ‘Golden Week’ remains tepid–data analyst

  • Ma. Stella F. Arnaldo
  • September 25, 2023
Know more
  • 7 min
  • International Relations
  • Military
  • Top News

‘An ally till the end’

  • Rex Anthony Naval
  • September 24, 2023
Know more
  • 4 min
  • Top News

Taiwan’s former top cop wants China talks if voted president

  • Scarlet Fu and Jennifer Creery | Bloomberg News
  • September 24, 2023
Know more
  • 8 min
  • Energy
  • Environment
  • Renewable Energy
  • Top News

‘Power like no other’

  • Lenie Lectura
  • September 23, 2023
Know more
  • 1 min
  • Top News

Chinese Ambassador leads rites marking China’s Founding Anniversary

  • BusinessMirror
  • September 23, 2023
Know more
  • 4 min
  • Top News

37-year-old security guard finishes college as scholar

  • BusinessMirror
  • September 23, 2023
Know more
  • 3 min
  • Economy
  • Environment
  • Top News
  • Tourism

DOT to tap new markets of leisure divers; industry earns ₱37B in 2022

  • Ma. Stella F. Arnaldo
  • September 22, 2023
Know more
  • 2 min
  • Nation
  • Top News

6 groups interested in ₱170.6-B Naia PPP deal, says DOTr chief

  • Lorenz S. Marasigan
  • September 22, 2023
Know more
  • 5 min
  • Environment
  • Health & Fitness
  • Top News

Health concerns rise as smog and volcanic ash blanket Calabarzon and NCR

  • Jonathan L. Mayuga and Lenie Lectura
  • September 22, 2023
Know more
  • 2 min
  • Top News

Filipino firms were less optimistic about economy in Q3–BSP poll

  • Cai U. Ordinario
  • September 22, 2023
Know more
  • 2 min
  • Agri-Commodities
  • Politics
  • Top News

From 15 to just 7 days: Marcos eyeing to cut validation time for rice imports

  • Samuel P. Medenilla
  • September 22, 2023
Know more
  • 1 min
  • International Relations
  • Military
  • Top News

Philippines, Canadian frigates complete ‘bilateral sail’ in WPS

  • Rex Anthony Naval
  • September 22, 2023
Know more
  • 2 min
  • Obit
  • Top News

Former Marikina mayor and legislator Bayani F. Fernando passes away at 77

  • Claudeth Mocon-Ciriaco
  • September 22, 2023

1 comment

  1. Dan White says:
    October 30, 2017 at 8:00 pm

    Data privacy should demand IT security, as this article emphasized. Yet, unless companies protect themselves against attacks like phishing and spoofing attacks, by using cybersecurity tools such as a web application firewall (WAF) – and not just a physical box, they can protect themselves. The ROI is clear once a breach occurs.

    The EU is trying to duplicate the Philipines with the GDPR regulation at a much larger scale. Hopefully, this will cause companies to listen.

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Subscribe

BusinessMirror
  • About Us
  • Contact Us
  • Advertise with us
  • Privacy Policy
  • Cookie Policy
  • Podcast
  • Text-Only Homepage

Input your search keywords and press Enter.