PRESIDENT Benigno Aquino 3rd has formed an inter-agency body that will protect the government and local institutions from cyber attacks that have become more prevalent over the years.
The Office of the President issued Executive Order (EO) 189, signed by President Aquino on September 17, creating the Cybersecurity Inter-Agency Committee (CIAC), which will “coordinate government agencies and other relevant sectors in the preparation of appropriate and effective measures to strengthen their cybersecurity capabilities against existing and future cyber threats.”
Several government agencies, including Malacanang, had been subjected to previous cyber attacks where hackers were able to tamper with or shut down various websites, replacing them with those generated by the attackers.
“…There is an increasing number of cyber threats against government and commercial information systems which places these institutions at great risk… there is an urgent need to assess national vulnerabilities of government and commercial information systems to cyber threats that compromise critical infrastructure and strengthen the nation’s cybersecurity capability by putting in place measures to eliminate or reduce such vulnerabilities,” the order said.
In issuing the order, Aquino cited two existing laws–Republic Act 10173, or the Data Privacy Act of 2012 and RA 10175, or the Cybercrime Prevention Act of 2012–which provide for the security and protection of government and private sector data information and communication systems.
The President said there was also a need to review old Memorandum Circulars 78 and 196, issued in 1964 and 1968, respectively, pertaining to the security of classified matters in government offices.
The 1987 Constitution recognizes the vital role of communication and information in nation-building.
Under Section 2 of EO 189, the CIAC shall have the following functions:
a. Assess the vulnerabilities of the country’s cybersecurity;
b. Issue updated security protocols to all government employees in the storage, handling and distribution of all forms (digital, electronic, snail mail, etc.) of documents and communications. Following best practices, these protocols shall be updated periodically and as necessary, in light of the rapid developments in information and communications technology.
c. Enhance public-private partnership in the field of information-sharing involving cyberattacks, threats and vulnerabilities to cyber threats;
d. Conduct periodic strategic planning and workshop activities that will reduce the country’s vulnerabilities to cyber threats;
e. Direct its member agencies and appropriate agencies to implement cybersecurity measures as may be required by the situation;
f. Serve as the country’s coordinating arm on domestic, international and transnational efforts pertaining to cybersecurity;
g. Make such recommendations and/or such other reports as the President may from time to time direct; and
h. Perform such other functions as may be necessary.
The body will be directly under the Office of the President, with the Executive Secretary as chairman and the director general of the National Security Council and the Secretary of the Department of Science and Technology as co-chairman. Officials of various government agencies will compose the membership base of the CIAC.
The CIAC may also invite concerned public and private agencies or entities to participate, complement and assist in the performance of its functions.
JOEL M. SY EGCO