ROTARY CLUB OF MANILA JOURNALISM AWARDS
2006 National Newspaper of the Year 2011 National Newspaper of the Year 2013 Business Newspaper of the Year 2017 Business Newspaper of the Year 2019 Business Newspaper of the Year 2021 Pro Patria Award PHILIPPINE STATISTICS AUTHORITY 2018 Data Champion
BusinessMirror A broader look at today’s business
www.businessmirror.com.ph n Saturday, January 20, 2024 Vol. 19 No. 97
EJAP JOURNALISM AWARDS
BUSINESS NEWS SOURCE OF THE YEAR
(2017, 2018, 2019, 2020)
DEPARTMENT OF SCIENCE AND TECHNOLOGY
2018 BANTOG MEDIA AWARDS
P25.00 nationwide | 18 pages | 7 DAYS A WEEK
Dealing with cyber felons Constantly at risk from online attacks, PHL urged to adopt AI, automation, security operations By Roderick L. Abad
C
Contributor
YBER felons are here to stay, unless both the public and private sectors work together to protect the cyber landscape in the Philippines from their unscrupulous activities on the web. Based on Fortinet’s commissioned survey on the state of Security Operations (SecOps) in the Asia-Pacific region that IDC conducted from October to November 2023, phishing and ransomware are the topmost cyber threats in the Philippines, with over 50 percent of organizations ranking them as their biggest concerns. Other risks are identity theft, patching vulnerabilities, and insider threats. Phishing, which is getting people to click on a link, install an application or open a document, will lead to a ransomware attack or an identity theft, Fortinet Vice President for Marketing and Communications in Asia, Australia and New Zealand Rashish Pandey said in a media briefing on January 16. Ransomware, he noted, is a threat vector that has evolved further in the last couple of years. In fact, the study revealed that it has actually doubled nationwide, with 56 percent of organizations reporting at least a doubling of incidents from 2022 to 2023. “What we are seeing now is [that] even if you pay the money, they will extricate the data and sell it outside, or even if you pay the money, they will not give you the data; they’re just deleted,” he said of how ransomware companies are now acting like large organized crime syndicates that even offer the so-called ransomware-as-a-service for a few hundred dollars. “These organizations are so big. Some of them have more than a billion dollars in revenue in a year.” Besides phishing and malware, other significant vectors include social engineering attacks, Internet of Things vulnerabilities, and insider threats. Eight of 10, or 82 percent of the respondents, feel that remote work has led to an increase in the latter’s cases. The top executive attributed this to insufficient training, lack of employee care, and inadequate communication.
FORTINET Vice President for Marketing and Communications in Asia, Australia and New Zealand Rashish Pandey
FORTINET Philippines Senior Manager for Systems Engineering Nap Castillo
Apart from talent shortage, what’s concerning is that 92 percent of participants find it challenging to keep their team’s skills up to date with the rapidly changing threat landscape. Hence, they prioritize the ability to automate (62 percent) as a key skill for Security Operations Center teams, along with the ability to multi-task and have critical thinking, as well as the right set of certifications.
than 50 percent said they get about 220 incidents daily. Alarmingly, three out of four do not conduct regular risk assessments, thus worsening the challenge of timely detection. The top five alerts the SecOps teams face are suspicious e-mails, malware detections, suspicious user behavior, account lockouts, and multiple failed login attempts. “In the Philippines, there’s only one security professional for 195 employees. This professional has to manage on an average about 44 incidents a day. And it takes about 11 minutes to deal with each alert,” Pandey cited. “And what makes it worse is that almost a quarter [74 percent] of them have looked to at least 25 percent of the alerts that are false positives. We are talking about two, three hours of the day just dealing with noncritical or false positive alerts.” More than four-fifths or 82 percent of teams take more than
Automation to the rescue
NOT depending much on manual labor, 94 percent said that they have adopted automation and orchestration tools in their SecOps. Notably, around 92 percent have experienced significant productivity gains, with at least 25 percent improvement in incident detection times attributed to automation. Preparedness-wise, almost half or 48 percent of the engaged organizations express concerns about being under-equipped to contain risks. On average, more
Continued on A2
Impact of new innovations, security teams shortage
“IN THE PHILIPPINES, THERE’S ONLY ONE SECURITY PROFESSIONAL FOR 195 EMPLOYEES. This professional has to manage on an average about 44 incidents a day. And it takes about 11 minutes to deal with each alert. And what makes it worse is that almost a quarter (74 percent) of them have looked to at least 25 percent of the alerts that are false positives. We are talking about two, three hours of the day just dealing with noncritical or false positive alerts.”—RASHISH PANDEY
KOLDUNOVA ANNA | DREAMSTIME.COM
WHILE emerging technologies have promising benefits, he warned that they also have an effect on cybersecurity if “exploited by the threat actors.” Hybrid work, artificial intelligence (AI), and information technology/operational technology (IT/OT) system convergence pose significant challenges. Cloud technology adoption emerges as a main problem, affecting organizational vulnerability to web threats. Online threats may be alarming, yet there are not enough people dedicated to cybersecurity to provide an effective response. This is evident in the study that shows only 50 percent of businesses have dedicated IT resources for security teams.
PESO EXCHANGE RATES n US 55.8280 n JAPAN 0.3768 n UK 70.9406 n HK 7.1384 n CHINA 7.7582 n SINGAPORE 41.5449 n AUSTRALIA 36.6790 n EU 60.7297 n KOREA 0.0417 n SAUDI ARABIA 14.8855 Source: BSP (January 19, 2024)