Cybersecurity is no longer the sole responsibility of the Chief Information Security Officer (CISO) but of all organization members across divisions and departments, as cyberattacks are reported almost daily, according to Scam Watch Pilipinas Co-Founder and Co-Lead Convenor Jocel de Guzman.
Mr. De Guzman, also the founder and president of reputation management company Truth360, Inc., urged cybersecurity and IT executives from different companies to form a high-level cross-functional team to jump-start the conversation of making cybersecurity a part of their corporate culture.
“The increasing frequency of cyberattacks highlights the need for a company-wide cybersecurity commitment,” Mr. De Guzman said during the recent Women in Security Alliance Philippines (WiSAP)-Beyond Trust cybersecurity forum entitled “Paths to Privilege: Leveraging AI for Modern Identity Threat Detection.”
The Deep Web Konek Facebook Page, a group of anonymous cybersecurity enthusiasts who frequently scan the dark web, reports a local cybersecurity breach of a private company or a government agency almost daily.
Mr. De Guzman said that the cybersecurity culture initiative in an organization must emanate from the top down to break departmental silos that keep that cybersecurity is not their responsibility.
“We need to understand that most CEOs, presidents, agency heads, and other C-Level executives don’t have a cybersecurity background, which is why cybersecurity is not prioritized,” Mr. De Guzman revealed.
“Integrating cybersecurity in a corporate culture needs a whole-of-organization approach, from the CEO level down to the organization’s other leaders in Marketing, Customer Experience, Legal and Compliance, Human Resources, Finance, IT, among others. This is the only way to break the silos of all the departments where cybersecurity is not part of their Key Result Areas (KRAs) and Key Performance Indicators (KPI),” Mr. De Guzman added.
Mr. De Guzman highlighted that many companies and government agencies in the Philippines continue to view cybersecurity as a cost rather than a strategic investment, leaving their systems susceptible to cyberattacks and, more importantly, their stakeholders vulnerable to cyber fraud.
“On one hand, from a technical standpoint, numerous sophisticated cybersecurity software solutions are available for companies to invest in to safeguard their organizational systems and digital assets,” he said.
“On the other hand, companies must also invest in education and awareness programs beyond copy-pasting anti-scam content from the internet to protect the organization’s various stakeholders, such as customers, employees, and shareholders, against cyber fraud,” he stressed.
Scam Watch Pilipinas has partnered with the Cybercrime Investigation and Coordinating Center (CICC), Gogolook, and WiSAP to advocate for a whole-of-organization cybersecurity strategy that mitigates cyber threats and fraud risks.
Spotlight is BusinessWorld’s sponsored section that allows advertisers to amplify their brand and connect with BusinessWorld’s audience by publishing their stories on the BusinessWorld Web site. For more information, send an email to online@bworldonline.com.
Join us on Viber at https://bit.ly/3hv6bLA to get more updates and subscribe to BusinessWorld’s titles and get exclusive content through www.bworld-x.com.