“PENETRATION and hacking will always happen, and they are always unexpected!”
“First of all, it is all over the world, bad guys are always at least one step ahead. Otherwise, they were all in jail.”
These are words from an Israeli cybersecurity expert acknowledging the always-on threats from cyber criminals.
Unlike decades back, Sagiv Massad, executive director of Cyber Security and Technology, at Business Profiles, Inc., when governments defended their physical assets, today the “ability to harm and manipulate is being done more and more on the cyber domain because more and more assets are on the cyber domain.”
Perhaps, there is nothing, or at least, little to worry about for Filipinos as the government’s P508-million Cybersecurity Management System (CMS) Project is set to be activated by February 2019.
So, what’s in it for a country of over 108 million people, like the Philippines and its millions of Filipinos who are always-online?
The Department of Information and Communications Technology (DICT) has given its assurance of its benefits to every Juan and Juana.
DICT Assistant Secretary Allan S. Cabanlong and George T. Barcelon, president of Integrated Computer Systems (ICS), Inc. met with members of the media as they launched the CMS Project on January 16.
“If you have a secure government, if you have a secure infrastructure, if you have a secure banks, if you have a secure energy sector, if you have a secure Philippines, then there’s nothing to worry about,” Cabanlong said.
“If individuals are secure, then you can benefit from the use of technology. So, I think that it would be experienced by our countrymen, because they will no longer have a problem, or wonder and think their information being handled by the government will not be safe. So, I think this project will help.”
He emphasized the project is being implemented for all Filipinos, not just for DICT.
Initially, the cybersecurity defense umbrella covers the Office of the President (OP), DICT, Department of Finance (DOF), Department of Energy (DOE), Department of Foreign Affairs (DFA), Department of National Defense (DND), Department of the Budget and Management (DBM), Presidential Communications Operations Office (PCOO), National Security Council (NSC), and National Intelligence Coordinating Agency (NICA).
As the project rolls on, Cabanlong said, more government agencies will be covered.
The CMS Project is a joint venture between ICS and Verint Systems, Inc., an Isareli leading global cybersecurity company with projects across the world. It was founded in the United States in 2002, then located in Herzliya Pituach City, District of Tel Aviv, Israel.
Verint sent representatives at the launch event held at EDSA Shangri-La Hotel, Mandaluyong City, Metro Manila. But true to their profession they remained on a nondescript mode as much as the environment in the venue permitted. It was a full house.
Cabanlong spoke of the uncertainties that come when people don’t know what is coming. So, the government, he said, needs to get back “to our roots, to build a solid foundation that is stable, protected and, most of all, secure and, I say, cyber-secure.”
How cyber-secure, it should be known soon enough
In an exclusive interview with SDN — Science and Digital News, Massad conveyed the project’s timetable and other details.
At the launch of the Cybersecurity Management System Project (CMSP) of the Philippines implemented by the DICT and its partners ICS and Verint (EKU)
Business Profiles, Inc. has been active in the Philippines for over 20 years, with offices in key cities. It is an established security consultancy firm that focuses on Enterprise-Wide Risk Management and Corporate Business Security. It also looks after the interests of Israeli companies in the Philippines.
First, he acknowledged cyber criminals’ ability to be ahead of any cyber defense platforms.
“Penetration and hacking will always happen and they are always unexpected. But expecting the unexpected and using technology to mitigate it in real-time, this is a huge step and that is why we have the Philippines’ (CMS)”.
He said the implementation of the CMS will proceed from “a very detailed guidelines and instructions by DICT, which we are going to fulfill.”
“Actually, the first capabilities will be activated starting February. So, from February on, incrementally, the DICT will have a better and better and better capabilities. We believe that by October-November it will be fully operational,” Massad told SDN.
The Israeli technology expert said the CMS Project has about 10 months to be completed which would give DICT time to acquire the technology from Verint.
It is a special technology in cyber defense which is a patented technology, he added.
Together with the patented technology and the technology and knowledge transfer by ICS to the Philippines, they are aimed to create for the Philippines capabilities of First World countries with local Filipino structure and manpower, he said.
“(The) knowledge from Israel and the technology coming from Israel will enable DICT to provide cybersecurity in the level of the First World, state-of-the-art capability. And we are very proud to be part of it,” said Massad.
He emphasized how important cyber defense is to a country, saying it is a critical element these days in the ability of a country to defend itself.
The Business Profiles executive recalled that 20 or 30 years ago, countries had to defend their physical assets.
“As we move forward, the cyber domain is the one that holds a lot of information, lot of assets like patent, IT, national secret elements and so on. So, (the) need to defend the cyber domain of the Philippine government is part of the need to defend the Philippines,” Massad said.
“Just imagine that someone will go and take control over the transportation, power grid. So, someone has to do things, first of all, to identify such attack, what bad thing is done; second, is to mitigate in real-time
“And the technology that DICT is acquiring and the knowledge that will be given will enable actually the Philippine government to protect government assets and to enable (to defend itself)…(and prevent cyber attackers whether organizations, groups, or people from reaching their targets.”
Barcelon, chairman of the Philippine Chamber of Commerce and Industry (PCCI), recalled how ICS and Verint ended up as joint venture partners.
“When the cybersecurity project was floated many companies were interested. Our strength really is IT platform, hardware side and the connectivity side. So, we scouted for a partner who has the competence, who has the experience in cybersecurity. And, then, at the same time, this was borne of a common concern, Verint was also looking for a partner, who is reliable and who has the credibility and a history to back them up.”
But then, the ICS president noted, it took a long time for his company and Verint to get to know each other.
Barcelon said ICS finally signed a Memorandum of Understanding (MOU) with the Israeli cybersecurity firm during President Rodrigo R. Duterte’s visit last year to Israel. He added the President witnessed the signing rites.
“So, we feel very confident on their role which is on the software (side) and black boxes. They have the track record of doing this in other countries that have been successful,” he stressed.
“So, it is really well-defined, the role Verint will play. Wee have a role to play. And we are confident because of their track records. They have been to the Philippines many times, projects like these, they know they have the expertise and they are confident.”
Barcelon said ICS has been in the business for over 40 years though more on the corporate in nature but also did many government projects. “A project of this nature is a work in progress; you can see the best companies in the United States with their firewalls, they are still being hacked. Verint’s role is very important because of their experience.”
He said the launch of the CMS Project marks a significant milestone for the country.
Cabanlong revealed that the first 10 covered agencies by the CMS Project and 30 others soon were selected because of their high impact to the country’s “national security, economic stability, and technological stability.”
The CMS Project has roots in the National Cybersecurity Plan (NSCP) 2022 which the DICT launched in May 2017.
It was created to respond to the “urgency” of protecting the country’s critical information infrastructure (CII), government networks, businesses big and small, and Filipinos from cyber threats posed by online criminals.
Cabanlong said the government response to cyber threats cover before, during, and after attacks. (EKU)
Image at the top, courtesy of Pixabay.