IBPAP raises alarm over cyber attacks
At A Glance
- "The IBPAP is deeply alarmed by these malicious acts, which not only jeopardize the operations of the T-BPM industry but also the reputation of the Philippines as an attractive investment destination," said IBPAP President Jack Madrid in a statement to the media.
The IT Business Process Association of the Philippines (IBPAP) has raised alarm over the cyber attacks and hacking incidents targeting the government’s critical information and information systems, warning of long-term economic ramifications for the industry and the country’s reputation if the situation is not addressed properly.
“The IBPAP is deeply alarmed by these malicious acts, which not only jeopardize the operations of the T-BPM industry but also the reputation of the Philippines as an attractive investment destination,” said IBPAP President and CEO Jack Madrid in a statement to the media.
IBPAP recognizes the need to maintain a heightened state of alertness, recognizing the inherent risks from its dependence on digital technologies and systems that host substantial volumes of sensitive data.
The Philippine IT-BPM industry, which is projected to generate revenues of $35.4 billion by the end of 2023, acknowledges that a successful cyberattack could potentially lead to substantial losses. More importantly, the ramifications of cyberattacks extend beyond immediate financial losses.
“They can Inflict lasting damage on businesses, leading to client attrition, reputational harm, and long-term financial implications,” the group said.
Given the vital contribution of technology and the IT-BPM industry to the economy, IBPAP urges the government to ensure that robust data privacy and cybersecurity laws are established to deter cyberattacks and threats across sectors.
IBPAP recommended that government should approve and implement the National Cybersecurity Plan 2023-2028, which outlines the Philippines’ overall strategy in combating cyber threats that could cripple the economy and national security.
The group also proposed the urgent certification for the passage of the proposed Critical Information Infrastructure Protection Act, which provides a clear reporting mechanism and policy framework for public and private institutions in safeguarding the ICT systems of critical information infrastructures from cyber threats and attacks.
IBPAP also called for the amendment of the Cybercrime Law to facilitate the legal proceedings against cybercrimes perpetrated by employees that damage the reputation of Philippine IT-BPM and other industries.
IBPAP has taken the lead in communicating the urgency of addressing fraud within our sector and the inability of our members to take legal action against culpable individuals due to constraints set by current laws and regulations.
On the part of the IT-BPM sector, IBPAP said they remain steadfast in promoting the recommendations outlined in the Philippine IT-BPM Industry Roadmap 2028 for countering cyberthreats at the organizational level.
These include adoption of zero-trust approach architecture to ensure that no user or device is automatically trusted, and that verification is required at every step.
Members are also urged to invest in artificial intelligence (AI) and machine learning (ML)-led threat hunting.
Other recommendations include enhanced threat intelligence capabilities; Strengthened cybersecurity skills; implement strong data privacy and security measures; regular update and patch systems; conduct regular security assessments; educate employees on cybersecurity best practices; and establish incident response plans.