To ensure the security of CIIs, Cabanlong shared that DICT will roll out a CII Protection and Security Assessment Programme. The programme includes three sub-projects, namely Protection Assessment for ICT Systems; Security Assessment; and Compliance Certification to Cyber Risks of CII.
In addition, DICT will implement the National Cyber Drills and Exercises Programme to assess the capability and readiness of CIIs.
Establishment of CERTs
To ensure the cybersecurity of government networks, DICT will implement the National Computer Emergency Response Programme. This will pave way for the establishment of a National Computer Emergency Response Team (NCERT), Government Computer Emergency Response Team (GCERT), and the Sectoral Computer Emergency Response Team (Sectoral CERT).
Cabanlong said NCERT will collaborate with other CERTs in the country to conduct incident response, collect actionable intelligence, and enable early warning system and digital analytics.
In addition, DICT will implement the Military Computer Emergency Response Programme to establish a Defence Situation Monitoring Centre, and the Armed Forces of the Philippines (AFP) Cyber Command to protect military networks.
Ensuring the safety of business and supply chains
Cabanlong also shared that DICT will implement a National Common Criteria Evaluation and Certification Programme to ensure the compliance of suppliers in the country. At the same time, DICT will create a guideline with regards to benchmarking of ICT materials, and ensure that they are compliant with government standards.
Raising cyber security awareness
To increase the pool of cybersecurity experts in the country and raise cyber awareness of every Filipino, DICT aims to integrate cybersecurity into the academic curricula of senior high school and undergraduate levels, as well as, offer a graduate school programme for cybersecurity.
In an exclusive interview with Computerworld Philippines, Cabanlong revealed that DICT is now working with the Commission on Higher Education (CHED) to implement this initiative next year.
If implemented, a diploma or graduate school course on cybersecurity will be offered in higher education institutions (HEIs). The course will cover the foundational aspects of cybersecurity, risk management, forensics, and incident response.
However, Cabanlong said that DICT will still identify the pre-requisite subjects that will be offered to senior high school and college students to allow them to take the cybersecurity courses.
Last weekend, DICT held a Cyber Security Caravan in Zamboanga City for local colleges and universities to discuss the National Cybersecurity Plan 2022. The event also provided insights on how students and school officials can protect themselves from cyber threats.
Cabanlong said that DICT has also met the deans and administrators of local colleges to discuss the possibility of creating elective subjects on cybersecurity, especially to colleges which have been granted the autonomous status by CHED. Autonomous colleges and universities have the privilege to design their own curricula and offer new courses.
Sign up for CIO Asia eNewsletters.