A member of the academe is proposing the integration of the Department of Foreign Affairs in the effort to beef up the country’s National Security Cybersecurity Plan to counter foreign cyber threats.
“Diplomacy was not figured in the plan. The Department of Foreign Affairs was not part of the inter-agency framework. They are the front and center because of what’s happening now, the increasing cyber skirmishes. So diplomacy means norms. Diplomacy means international law. We already have a set of cyber norms,” De La Salle University Assistant Professor of International Studies Francis Domingo explained in a recent forum on the establishment of a strong and credible cyber defense posture in the Philippines hosted by the Stratbase Albert del Rosario Institute (Stratbase ADR) in partnership with the US Embassy in the Philippines.
“I argue that if we’re facing, let’s be blunt, Chinese cyber operations, the logical strategy is to leverage our alliance because we already have it. Whether the treaty covers cyber is still in a gray area but it does not mean that we can’t focus on capacity building, we can’t focus on exercises, and we can’t focus on diplomacy,” Domingo added.
Dan Ennis, a former director of the United States National Security Agency’s Threats Operations Center said government and private sector partnership is key in fighting cybercrimes.
“The biggest strategy you can do, from my perspective, to defeat cybercrime is by sector, by entity, by company, by government agency, by wherever you sit. Set a set of priorities that you will focus on and then communicate those priorities again and again and again. They may change over time, but that communication will do a lot of good, both in helping defend and helping our public gain confidence that we know what we’re doing both in the government and in the private sector,” he said.
Further, Ennis believes cyber threats will continue to evolve as seen in recent developments.
“I think our citizenry are going to begin to challenge us both in the public and private sphere with how we respond to cyber. At some point, our citizenry, our public, as they get more educated and as we attempt to fully educate them, is going to demand solutions. It’s an area that we need to be conscious of,” Ennis pointed out.
On the government side, the Department of Information and Communications Technology (DICT) said it is also pursuing public-private partnerships to secure cyberspace in response to the budget cuts in 2023.
DICT Undersecretary for Special Concerns Paul Joseph Mercado said the agency originally asked for a P34 billion budget for next year but only P5 billion was allotted in the proposed 2023 national budget.
Despite the reduction in their budget for next year, Mercado remained optimistic they can perform their mandate. “We are trying to make do with what we have. We will try to pursue public-private partnerships. There are ways even with limited budgets. If we spend this correctly, I think we will still have a very good future ahead of us in terms of these ICT projects,” Mercado explained.
The National Bureau of Investigation earlier said that there was a more than 200 percent increase in phishing cases reported to the agency in 2020, while the Department of Justice’s Cybercrime Office also reported a 264 percent increase in the number of reported online sexual exploitation of children from March to June 2020 alone.
A 2021 survey by Cybersecurity firm Sophos also showed that 69 percent of Philippine organizations experienced ransomware attacks in 2021. The Bangko Sentral ng Pilipinas also reported receiving 42,000 complaints related to online transactions in 2020-2021, amounting to P 540 million.
Collaborate with state allies
Stratbase ADR Institute President Victor Andres Manhit urged the Marcos administration “to explore opportunities to engage in bilateral, minilateral, and multilateral initiatives such as capacity-building and expertise-sharing activities with like-minded partners such as the United States as the country’s digital infrastructure needs to be strengthened as a result of the ongoing exposure to cyber threats, thus policies and initiatives must be developed and put into action,” he said.
Manhit also urged President Marcos to pursue a partnership with the country’s allies in the Indo-Pacific region to enhance defensive and offensive cyber capacities, increase state interoperability, and ensure collective security.
“Only by creating a strong and credible cyber defense posture will the Philippines and Indo-Pacific be able to achieve a secure and trustworthy digital community,” Manhit said.