Philippine cybersecurity sector seeks unified approach

THE PHILIPPINE cybersecurity industry is urging  government and private-sector players to move away from reactive, fragmented policies and adopt consistent standards and resilient infrastructure to counter rising cyber threats.

“What we are seeing today is the result of years of underinvestment, lack of coordination and misplaced priorities,” Angel T. Redoble, chairman of the Philippine Institute of Cyber Security Professionals, said in a statement. “We need coordinated reforms, not a patchwork of projects. That is the only way to defend the country from a new generation of cyber threats.”

Mr. Redoble criticized the country’s reliance on ceremonial and piecemeal approaches, calling for a whole-of-nation strategy anchored in robust policy, clear standards, reliable infrastructure and a skilled workforce.

He also cited the importance of international cooperation, noting that most cyber threats today cross borders and cannot be managed in isolation.

The industry group pointed to gaps in the Department of Information and Communications Technology’s (DICT) cybersecurity projects. Despite claims of enhanced monitoring and defense, government systems “remain alarmingly exposed,” it said.

The group’s advocacy includes aligning legislation and security protocols with global best practices, establishing coordinated national incident-response systems and investing in human-capacity development.

Its members include cybersecurity practitioners, educators, researchers, law-enforcement partners and technology professionals.

Cybersecurity incidents are already affecting local businesses. US cyber defense firm BlueVoyant earlier said 84.5% of Philippine organizations reported an average of three breaches each in 2024, largely due to gaps in third-party cyber risk management.

Mr. Redoble said consistent policies and unified standards would reduce vulnerability across the public and private sectors.

Industry experts say the Philippine government’s growing reliance on digital services — from online banking to public-sector platforms — makes the lack of coordinated cybersecurity increasingly risky.

Without an integrated national framework, both sensitive data and critical infrastructure remain at risk from evolving threats, including ransomware, supply-chain attacks and state-backed cyber operations.

The industry call comes as regional cybersecurity threats escalate and the Philippines seeks to strengthen its digital economy while safeguarding sensitive information against both criminal and geopolitical actors. — Beatriz Marie D. Cruz