The Department of Finance (DOF) ordered government financial institutions (GFIs) and its attached agencies to strengthen their shields against potential cybersecurity threats following a cyber-heist on one of the state-owned banks.
Finance Secretary Carlos G. Dominguez III said that all GFIs and other agencies under the DOF should come up with a cost-effective defense strategy to protect their systems from cybersecurity threats and other possible risks and data breaches in the digital landscape.
Dominguez said that as an initial step, he has instructed GFIs, state-run pension funds, insurance agencies, revenue and treasury agencies to enter into their respective memoranda of agreement (MOAs) on a shared cyber defense strategy.
The order includes three government-owned financial institutions, Land Bank of the Philippines, United Coconut Planters’ Bank (UCPB), and the Development Bank of the Philippines (DBP).
The finance chief order also covers the Insurance Commission, Philippine Health Insurance Corp. (PhilHealth), Philippine Deposit Insurance Corp. (PDIC), Government Service Insurance System (GSIS) and Social Security System (SSS),.
Dominguez also ordered the Bureaus of the Treasury, Bureau of Internal Revenue (BIR), and Bureau of Customs to share their cyber defense strategies to the GFIs and other government agencies.
Dominguez said he has also ordered the creation of a working group composed of representatives from these agencies to work on identifying the potential cybersecurity threats and cases of cyber fraud that they may encountered.
“We are keen on institutionalizing this cybersecurity program. As the Duterte administration fast-tracks its digital transformation initiatives to meet the challenges of the emerging New Economy, we must also see to it that we have the capacity to defend our critical systems from cyber attacks from third parties and other possible hazards,” Dominguez said.
Dominguez said the government may tap the expertise of the private sector in coming up with a shared cyber defense strategy covering state institutions and agencies under the DOF.
“Investing in cybersecurity is not only a crucial national security concern, but is also indispensable to protecting sensitive citizen information stored in the systems of our GFIs and other state-run institutions,” he added.
Dominguez said the government is taking a prudent approach to protecting the country’s financial “infostructure,” especially at this time when the digital space has become vulnerable to a wide range of sophisticated cyber attacks and threats.
“We are serious in protecting our national interests and ensuring the safety of citizen information so we are taking steps to heighten our digital protection strategies,” Dominguez said.
He said the MOAs among the institutions and agencies involved in this cybersecurity plan will be done in segments.
The GFIs such as DBP, UCPB and LandBank will comprise one segment, while the insurance fund agencies and the revenue bureaus under the DOF will be under the two other segments.
Each segmented group will adopt a “shared defense strategy” to make the cybersecurity program cost-effective, Dominguez said.
“The issues and concerns of each sector are similar, so it makes sense that the cost burden of these investments will be equally borne by the group,” Dominguez said.