The National Privacy Commission (NPC) said more than half of all data breaches in local companies result from internal issues, and called on the businesses to overhaul their internal data-management practices.
At the 15th Data Protection Officers Assembly (DPO15) on Tuesday, Deputy NPC Commissioner Leandro Angelo Aguirre said of the data breaches, only 47 percent were caused by malicious or criminal attacks, such as hacking or phising.
Aguirre said the other 53 percent were supposedly caused by internal factors. He explained that 24 percent were caused by human error and another 29 percent by a system glitch.
He urged the various companies, more particularly the financial sector, to remain vigilant and extend as much or even more urgency in managing risks, such as hacking and other
cybercrimes.
Just last year, one of the country’s top banks suffered from reputational and allied risks when accountholders began reporting unexplained and unauthorized debits to their savings accounts.
The Bank of the Philippine Islands promptly investigated and corrected the matter in which “human error” was blamed as root cause of the resulting data chaos.
NPC Chairman Raymund Liboro also urged local finance service providers to comply with the provisions of the Data Privacy Act of 2012 and emphasized the need to mitigate the risks as the sector becomes increasingly dependent on advances in technology.
“Data-privacy compliance is a must for all organizations that collect and process data. Determining your responsibility in protecting such data from acquisition, storage and transfer, not only helps your clients have that sense of security, but also strengthens your brand as a company that puts their customers above all else,” Liboro said.