With the Department of Information and Communications Technology (DICT) given the green light by the Duterte administration to create a national broadband infrastructure program, Lenovo, the world’s top PC maker, reminds the government that it should never forget to invest on improving data security in order to protect confidential information against cyber criminals.
Invited by OpenGov Asia to talk about cybersecurity, Lenovo Enterprise Sales Specialist Bryan Beronilla shared his insights and expertise about data security and also advised government agencies to treat cybersecurity as an imperative and not just an option since they are one of the most attacked sectors.
“Hackers tend to target government agencies because of the preconception that government agencies do not yet have a proper set of security protocols in place,” said Beronilla. “Also, the confidential data collected by the government automatically makes them a gold mine for hackers.”
Cybersecurity now is particularly relevant given that two high-profile incidents last year — the Bangladesh bank heist and the hacking of the Philippine election data from the Commission on Elections — demonstrated the weakness of the country’s network security infrastructure. The issue also comes in to a pivotal moment where the country is experiencing tremendous economic growth, being hailed as Asia’s fastest-growing economy in the second quarter of 2016. Undoubtedly to sustain this growth and develop further, the country must improve its data security.
According to the 2017 State of Malware Report by Malwarebytes, the Philippines is now the world’s “botnet haven” due to accounting for over 50% of botnet detections in the Asian region. The report also added the country is home to a disproportionately large source of banking Trojan malware.
This issue was again present during the OpenGov forum where different members of the government admitted that they lack the right personnel and technology to combat cyber threats and that “internal hacking” is a frequent issue alongside the overlooking of authentication processes.
Strategy is Key
To achieve a secure environment, Beronilla advised agencies that they should first develop a defined data security protocol, even before acquiring any technology. “A strategy allows for centralized control, decision-making, and is the only way that policy, funding, and action can be coordinated to solve a common problem which, in this case, is the protection of data. Having a defined IT and Information Management Strategy is crucial as this essentially lays the foundation of the data security protocols and measures to be applied.”
Michael Ngan, Lenovo Philippines Country General Manager, recommends that agencies should approach data security holistically by making it as an imperative rather than an expense by creating a department solely dedicated to protecting data.
“By developing a separate group, agencies can now gather crucial data which can be used to track where in the organization the data flows, allowing the agency to protect the data in every stage and in every part of their infrastructure. This is similar to data being water and infrastructure as pipes. If you want to ensure no water leaks then you have to visit and fortify every pipe in which water flows.”
Lastly, Ngan urges the government to train their employees on the basics of data security. “Security breaches can come from anywhere, from external and internal means to physical and digital means. This alone makes educating employees a crucial part in the government’s national broadband plan.”