MANAGING the country’s cyberspace requires legislation, an information technology (IT) security analyst said.
A law would compel strategic industries to take highest level of safeguards from the mounting and gone more intelligent cyber threats, Angel Redoble told the BusinessMirror.
Redoble, president and CEO of RFC (Risk Factor Corp.) Advisory Services Inc., spoke after anti-virus software developers warned of state-controlled cyberattacks on several countries, including the Philippines.
We need to secure industries, like finance and banking, power, energy, water, transportation and telecommunications, which are the likely targets of cyberattacks, Redoble said in an exclusive interview on May 11.
He explained these attacks have been steadily increasing and only seek to destabilize a country, or at least some of its basic industries, to put it under the terms of attackers.
Unfortunately, the current cybersecurity measures of these industries are not enough to stand today’s assaults by cybergangs, making them vulnerable to espionage, blackmail and extortion, Redoble said.
The strategic industries are connected to the cyberspace through what he calls “Scada” or supervisory control and data acquisition.
“Cybergangs can plunge an area into blackout without going to the place to shutdown power stations. Through Scada, they can switch off the area with the tip of a finger.”
Redoble cited the experience of Myanmar in 2008, when the entire country was cut off by a malicious group from the Internet for three straight days.
If that happens in the Philippines, the major industries that are connected to the cyberspace will sustain unforeseen damages, he said, citing business-process outsourcing (BPO) firms as examples.
“BPOs require Internet connection to reach clients across the globe. They will suffer losses.”
Organizations should no longer look at cyber threat as a technical issue only, Redoble noted. The adoption of safeguards should go beyond technical borders.
“To deal with this problem on a technical level is not enough,” he said. “It should be dealt with on at the management level. This means requiring involvement of the board, executives, management committee.”
Redoble admitted that IT people are generally “narrow-minded” to address an organization’s cyber threats.
“The effective cyber threat security binds administrative, technical and physical safeguards, he noted.
To achieve this end, a law is required to compel the strategic industries to adopt the most advanced defenses, Redoble said, noting that the Cyber Crime Prevention Law of 2012 is reactive in nature.
“It’s not efficient.”
With a new law, the government agencies, like the Bangko Sentral ng Pilipinas, National Telecommunications Co., Department of Energy, Manila Water and Sewerage System, the Department of Transportation and Communications can regulate the sectors under them, Redoble explained.
He is also advocating allocation of additional budget for government agencies, as well as putting the responsibility of guarding the country’s cybersphere on the Armed Forces of the Philippines.
“Cyber threat is a national security issue,” he noted. “We should fortify our defenses and start developing our cyberspace capability.”
The country’s cyberspace requires security as other national domains, like land, air, and water do, Redoble said, adding that people shop, bank, send mail and transact in cyberspace today.
The government itself recognizes the country’s cyberspace as a national domain, he said.
“If you recognize cyberspace as a domain, it is something that you have to protect,” Redoble said. “The unforeseen damage when the country’s cyberspace is compromised can be catastrophic.”
Image credits: Oliver Samson
1 comment
buti pa to si Mr Redoble, nagmamalasakit sa bansa natin.. yung mga POLITIKO naman natin nagmamalasakit lang para sa kapakanan ng bulsa nila. Mabuhay ka Angel Redoble!