Thursday, May 23, 2024

To combat cyber threats in Asia, a whole-of-society approach is required

“A harmonious whole-of-Asia and whole-of-society approach to fight cyber threats in the region has to be orchestrated among government and private sector leaders in ASEAN and Japan, along with other countries in the region. Asian countries face the same threats, and all countries attending confirmed that their respective government’s digital infrastructure along with Critical Information Infrastructure (CII) are also being attacked constantly by international and even local threat actors. When government and private sector organizations work hand-in-hand to fight cyber threats, citizens will benefit the most. We already see the positive dynamics and impact of this cybersecurity community in the region.” ~Lito Averia, President of the Philippine Computer Emergency Response Team (PH-CERT)

Stronger and more collaborative public-private partnerships will result in responsive and proactive initiatives to protect Asia's citizens and critical information infrastructure from global and local cyber threats.

Leaders from the Philippine Cybersecurity and Data Protection Communities of Practice who attended the ASEAN-Japan Cybersecurity Technical Working Group joint meeting emphasized the importance of all government and private sector organizations collaborating to combat cyber threats in Asia.

PH-CERT and NADPOP estimate that the Philippines requires 180,000 trained and validated cybersecurity professionals to protect its critical infrastructure assets proactively and effectively. Both communities agreed that the Philippines requires a comparable number of Data Privacy and Governance, Risk, and Compliance (GRC) trained and validated professionals.

“The constantly increasing cyber attacks on government digital ecosystems and CIIs call for nations in the Asia region to establish concrete solutions such as an Information Exchange Network which will serve as a cyber weather station that will receive, verify, then send out threat alerts to everyone that will impacted in the region. In parallel, each country should continue to produce new cybersecurity professionals and to upskill current cybersecurity and information security personnel that are already working in government and private organizations. What is emerging through these meetings is a regional force for good that will serve as a shield for countries and citizens against threat actors, who are now using AI in their attacks. We are inviting all active Communities of Practice in the region to collaborate with our regional community, the AJCCA, as threat actors are also organized in their actions. During these times, we truly need a whole-of-region, whole-of-society, and even whole-of-community cooperation to effectively respond to cyber threats.” ~Sam Jacoba, Founding President of the National Association of Data Protection Officers of the Philippines (NADPOP), and PH-CERT Vice President

PH-CERT and NADPOP are also attending the fifth board meeting of the newly formed ASEAN-Japan Cybersecurity Community Alliance (AJCCA), a community event co-located with the 2024 2nd ASEAN-Japan Cybersecurity Working Group Meeting organized and hosted by the Cambodian government.

The 2nd Joint Government-Industry-Academia (J-GIA) CA meeting between AJCCA and government cybersecurity representatives from ASEAN and Japan emphasizes the importance of harmonious regional collaboration, with a focus on the five pillars of the United Nations International Telecommunications Union's Global Cybersecurity Index (GCI). The five cybersecurity pillars are: legal, technical, organizational, capacity building, and cooperation.

Averia and Jacoba stated that joint initiatives between the government and the private sector will be implemented soon as a result of these quarterly regional meetings. These initiatives have the potential to close major gaps in the GCI Cybersecurity Pillars for each country and the region as a whole.

Organized at the turn of the century, the Philippine Computer Emergency Response Team or PH-CERT is a non-stock, non-profit organization institutionalized in March 2001 by the Securities and Exchange Commission (SEC) of the Republic of the Philippines (RP). Its primary purpose and advocacy are the following: to increase the awareness for Information Security and Cybersecurity; develop an inclusive Information Security (InfoSec) and Cybersecurity Workforce; and adopt InfoSec and Cybersecurity standards, and best practices to uplift their practice in the Philippines and the Asia-Pacific Region.

The National Association of Data Protection Officers of the Philippines (NADPOP) is the Philippine’s first community of Data Privacy, Data Protection and Cybersecurity Practitioners in the Philippines. Established and institutionalized by the Securities and Exchange Commission (SEC) of the Republic of the Philippines in 2018, NADPOP is a non-stock, non-profit organization whose vision is a Cyber, AI and Data Resilient Philippines. It aims to transform the Philippines into a Global Center of Excellence in Data Privacy, Data Protection, and Cybersecurity. NADPOP will do this by inspiring, empowering, and prospering Data Privacy, Data Protection, and Cybersecurity Professionals and Practitioners in the Philippines, and in the Asia-Pacific Region.

The ASEAN Japan Cybersecurity Community Alliance (AJCCA) is a collaborative initiative formed by nine leading cybersecurity communities from ASEAN nations and Japan. AJCCA is dedicated to enhancing cybersecurity capabilities, information sharing, and mutual support among its member nations to address the evolving challenges in the digital landscape. AJCCA’s Vision is a dynamic and resilient cybersecurity community in our region through trustworthy and respectful collaboration.

No comments:

Post a Comment