On 27th March, 70 million personal records were stolen from the Philippines election commission database. It was one of the biggest data thefts in the world, and certainly – a prominent failure in government to secure citizen data.
In response, the Philippines government had to tighten up its cyber defences. It established a new agency, the DICT, which was tasked to overlook the country’s ICT capabilities; and nested within that is the Philippines cybercrime centre.
The unit – led by Allan Cabanlong – will implement policies that secure services for both the private and public sector, coordinate the protection and recovery of cyber attacks, and spread situational awareness by collaborating with other agencies responsible in cyber prosecution and intelligence gathering.
GovInsider caught up with the Executive Director of the Cybercrime Investigation and Coordination Center (CICC), to find out more about how the country is setting up its own cyber security unit and the roadblocks faced.
The Philippines Government is facing a major shortage of cyber skills in the public sector. “In the government level we really lack the kind of people that can help us, or that can be employed”, he says.
Cabanlong plans to solve this by hiring fresh graduates or people with basic cyber skills – those willing to serve their country at a lower pay – and train them from the ground up. “We’re going to re-tool them, train them and get them in. That’s a very challenging job.”
He hopes that by providing them the “incentive” of proper training, they would stay on and serve the government. “You need to motivate these people”, he says, “It’s not [about] money – you know, it’s the government – salaries are very low in this field”.
His plans are to start hiring in January, once he gets approval. But “we don’t have yet those people; I am the only person in the agency”, Cabanlong admits. The team will consist of 94 people – 70 percent young staff of 21 to 28 year olds, and 30 percent senior division heads. Cabanlong will use a consultancy package to attract the private sector contractors.
Securing key infrastructure
There are four key imperatives in the country’s national cybersecurity strategy: protecting critical infrastructure; government; businesses; and individuals.
The government regards its national grid as its top critical infrastructure – as power runs other facilities. Others include banks, transportation, the oil and gas sector and the chemical industry, he states.
Cabanlong believes that attacks on critical infrastructure can be mitigated through the control of its operations centre. 20 percent of threats are external and can be prevented, he says, and “that’s where we come in”. He is keen for the industries to share data sources like threat information and traffic patterns to the operations team. “Then we can alert everybody within our system that this is the signature – block it, and we will then do the attribution”, he says.
Setting up a new unit is tough work. “The struggle right now is budgetary constraints”, he admits. So he is gathering all the support he can get – from private firms and governments around the world. Malaysia will be the CICC’s first partner to help set up and build cyber capabilities in the country, it was announced at the Microsoft Cyber Security Summit last month.
Cabanlong is learning from the challenges that other countries first faced when they set up their cyber units; “birth pains”, as he describes it. He collected the best practices from the United States, Europe and ASEAN, and then crafted suitable policies, standards and strategy outlines that applied to the Philippines. The roadblocks “can be minimised because we collected the best practices already – and they’ve already tested these in their country”, he says.
In the cyber realm, there are no physical boundaries; the key to achieving security lies in having strong partnerships, he believes. “Cybersecurity is about collaboration and cooperation. Otherwise, it’s stalemate right? Your king will fall.”