In the past, cybersecurity and disinformation did not figure as threats, simply because they were nonexistent. The more obvious security threats were physical ones against our territorial defense. But with technology’s increasing prevalence and society’s reliance on it, societies are, more than ever, vulnerable to the disruptive and detrimental effects of cybersecurity breaches and other tech-related issues.
The Philippines is especially vulnerable, given that we are still in the nascent stages of digital transformation, with both digital infrastructure and technological know-how at best uneven across various places in the archipelago. Both institutions and individuals have yet to attain a technical sophistication that would effectively protect them from malign actors seeking to wreak havoc on their way of life.
President Ferdinand Marcos, Jr. has declared cybersecurity a priority because of its impact on national and economic security. This belief is shown by his approval on Feb. 8 of the National Cybersecurity Plan 2024-2029.
The National Cybersecurity Plan aims to provide the Philippines with policy direction and operational guidelines to build its cybersecurity capacities. Consultations with the private sector and the academe were conducted during the drafting of the plan to make sure it reflects the concerns of all stakeholders and the realities on the ground. It also looked at the cybersecurity plans of other countries to ensure that whatever the Philippines has would be at par with international standards.
Specifically, the plan addresses the need to develop responsive policies to fortify the Philippines’ cyber landscape and identify cyber assets and critical infrastructure. It incorporates advanced threat assessment to prevent incidents, promotes information sharing with international partners, and includes capacity building and upskilling of cybersecurity personnel.
The Department of Information and Communications Technology (DICT) is also conducting information campaigns to increase public awareness of the different schemes employed by cyber criminals.
But the Philippines’ pursuit of digital security transcends the approval of the National Cybersecurity Plan. There has always been a need for our country to continuously strengthen its cyber defenses under constant attack from state and non-state actors.
A good example would be last month’s attempts by alleged Chinese hackers to infiltrate the websites of several government agencies namely the DICT, National Coast Watch, Overseas Workers Welfare Administration, a regional office of the Department of Education, the Philippine Coast Guard, and the personal website of the President.
Then, too, there are the recurring incidents from aggressive and coercive actors in the West Philippine Sea. These actors have weaponized social media with their disinformation narratives.
In response, the Philippines has started using assertive transparency to counter such moves. This is a strategy that reinforces narratives based on legal foundations and data-driven studies and gathers support from the people who are made aware of what is happening out there. Social media plays a crucial role in this aspect. The message, plain and simple, is that the events at sea are very much a part of the national story, and everyone has a stake in it because the acts of aggressors are an affront to our sovereignty.
Narrative campaigns determine how issues are prioritized, and this has caused the Philippines to gain massive support from the Filipino public as well as from the international community on the issue of the West Philippine Sea.
The adoption of a cybersecurity plan and the employment of assertive transparency approaches are just some among the actions taken by the Philippine administration to address the potential harm that can be done by cyberattacks. But it should not be acting on its own. The current administration must aim to harness emerging technologies to participate in today’s global digital economy more effectively. A whole-of-society approach must be implemented with the primary goal of ensuring national security while simultaneously safeguarding the economy and the people.
The Stratbase Institute is thus pushing for the following:
Enhance education and cybersecurity awareness. Educating the people is a fundamental strategy in instituting a cyber-secure and cyber-safe population. This is particularly important as users serve as the weakest link in all instances of internet use and other cyber-related activities.
Boost government capacity to address cybersecurity risks. The attacks on government websites and databases are a cause for serious concern as people’s sensitive personal information are being targeted. There should be increased and continuous budgetary support for the procurement of appropriate ICT technologies, and ICT training of government officials and personnel. There should be improved ability to detect, prevent, and address cyber risks and potential attacks.
Expand national security. National security encompasses economic security as well as cybersecurity. Therefore, security policies and strategies must include directions to defend the country against cyberthreat actors. This also includes the assessment of cyber risks related to maritime security, particularly in the West Philippine Sea.
Emphasize cyber diplomacy. Recognizing common issues in the digital space, the Philippines must employ cybersecurity to cooperate with like-minded states. This expands its foreign policy strategy and deepens its diplomatic engagements. To reduce vulnerability, cooperation can include sharing of best practices in cybersecurity and information-sharing.
The Institute looks forward to a secure and thriving digital economy that can provide the Philippines a strategic and competitive advantage in maintaining an investment-led growth. We rest assured that the administration is truly cognizant of its priorities, and cybersecurity is rightfully one of these.
Victor Andres “Dindo” C. Manhit is the president of the Stratbase ADR Institute.