Senator Win Gatchalian has raised concerns about potential cybersecurity threats that could impact financial institutions and public utilities in the wake of recent cyberattacks targeting government institutions.
“Parang organized ang mga hacking na nangyayari at hindi coincidence. Pero ang tingin ko posibleng umpisa lang ito ng mga makikita pa nating mga problema,” Gatchalian said, noting certain institutions including banks and public utilities and critical services such as airports, water distribution, and power transmission lines are at risks if they are caught off-guard.
“Nakikita dito na hindi talaga tayo ready. We need to act right away. This is a clear and present danger that we need to address right now,” he warned.
Gatchalian pointed out that a series of cybersecurity attacks against government agencies, which hold crucial databases, like the Philippine Statistics Authority (PSA), Philippine Health Insurance Corp. (Philhealth), and the House of Representatives underscores the government ‘s lack of readiness to fend off such cybersecurity attacks.
He said even the Department of Information and Communications Technology (DICT) has admitted that the government is ill-prepared for such incidents. Gatchalian earlier said he favors providing DICT with confidential funds to help enhance the agency’s capability to help shield the country from cybersecurity attacks.
“Concerted effort ito. Sinasadya at tinetesting ang capability ng ating gobyerno. Nakakabahala na baka lumalim,” Gatchalian emphasized.
The senator reiterated his proposed legislation designed to strengthen the cybersecurity capabilities of organizations in the country. Specifically, the proposed measure will require organizations to have their own cybersecurity officers and develop cybersecurity plans.
Senate Bill 2066, or the Critical Information Infrastructure Protection Act, mandates all covered critical information institutions (CII) to adopt and implement adequate measures to protect their information and communications technology (ICT) systems and infrastructures and respond to and recover from any information security incident.