So as the Philippines rolls out its "new and improved" National Cybersecurity Plan (NCSP) 2023-2028 to help protect the country against digital threats, it is essential to identify ways of incorporating proactive and multi-layered strategies to evolve from past reactive approaches.
The 2017-2022 version of this cybersecurity plan made important progress by establishing the National Computer Emergency Response Team (NCERT). It was primarily focused on responding to threats.
But this reactive approach meant that our national cybersecurity efforts were more about waiting for threats to occur before addressing them.
Thankfully, the current incarnation of the NCSP adopts a more proactive strategy. This means that, in theory at least, relevant authorities will now be encouraged to act even before a database is hacked, a website is defaced, or an important digital financial service is disrupted.
This latest version emphasizes the need for early threat detection and mitigation, and the development of a publicly accessible threat database that can be used by anyone to update their defense systems.
The plan also advocates for minimum standards and a secure-by-design approach to securing government infrastructure.
Of course, it is important to understand that a single defensive barrier is not enough to secure the country's cybersecurity interests.
The implementation of the new plan could benefit from using multiple layers of defense to protect information systems. This approach involves multiple, independent proactive strategies for threat detection and response.
Instead of relying on a single line of defense, the NCSP's implementation should include various layers and types of security measures working simultaneously. This ensures that if one measure fails, others can still detect and mitigate threats, much like having an alarm system, security cameras, multiple locks, and a guard dog to secure your home.
Cybersecurity systems should also be able to flexibly choose the most effective response to a threat from a range of possible actions.
While capacity-building is a necessary part of every cybersecurity framework, machine learning can be leveraged for real-time assessment of different strategies and selecting the best one based on the specific characteristics of the threat or attack.
For instance, when facing "deep fakes" (which uses artificial intelligence to create convincing fake videos) the system might deploy specialized AI tools to detect and flag such content.
Finally — and perhaps most importantly — a decentralized approach will allow for localized (and more rapid) responses to threats.
For instance, individual entities’ cybersecurity teams can quickly address threats specific to their operations while still coordinating with a central authority.
These suggestions provide a multi-faceted approach to cybersecurity that can foster that key shift in mindset from a reactive, linear strategy, to a resilient and adaptive, cybersecurity framework.
By implementing multiple layers of defense, the plan ensures redundancy, which is critical given the complexity of modern threats. Plus the emphasis on decentralization enhances the plan's adaptability.
These measures will not only protect against current threats but also ensure an agile infrastructure that can handle emerging threats such as deep fakes and advanced persistent threats, and future threats — threats that both the good guys and the bad guys have yet to imagine and invent.
As with anything in this country, the success of the NCSP 2023-2028 hinges on effective execution.
It demands significant coordination, resources, and unwavering commitment from all stakeholders. Only then can the Philippines strengthen its defenses and secure its digital future.
Nikki Mendez is a corporate lawyer specializing in technology, including cloud computing, cybersecurity, privacy, and intelligent systems, guiding pivotal technology transactions and policy developments.
