Cybersecurity more than just an IT issue
The Securities and Exchange Commission Philippines issues a cybersecurity notice to all corporations under the supervision of the Commission.
Companies are advised “in light of the increase of online digital transactions, the rise of cyber financial crimes, and the recent reports of hacking incident/s of multiple social media accounts” to increase their cybersecurity measures.
“Corporations are encouraged to assess their current cyber risks and prepare the appropriate cybersecurity measures,” stated the Commission.
“In particular, corporations should ensure that their board and senior management, who have oversight over the risks or threats of a corporation, be made aware of the cyber risks and craft the appropriate policies and measures for the corporation’s cybersecurity.”
According to media reports, SEC chair Emilio Aquino said “cybersecurity is more than an IT matter,” Aquino said. “It is a corporate governance issue that companies should give serious attention to and proactively manage, as cyber attacks could damage their reputation, disrupt their operations, and eventually jeopardise their profitability and enterprise value.”
In the Philippines, the Cybercrime Prevention Act of 2012 (CPA) defines the following as cyber crimes:
- offences against the confidentiality, integrity and availability of computer data and systems (illegal access, illegal interception, data interference, system interference, misuse of devices and cyber squatting);
- computer-related offences (computer-related forgery, computer-related fraud and computer-related identity theft); and
- content-related offences (cybersex, child pornography, unsolicited commercial communications and libel).
The Act was appointed by the National Bureau of Investigation (NBI) and the Philippine National Police (PNP).
They act as enforcement authorities and regulates their access to computer data, creating the Cybercrime Investigation and Coordinating Centre as an inter-agency body for policy coordination and enforcement of the national cybersecurity plan, and an Office of Cybercrime within the Department of Justice for international mutual assistance and extradition.
