Creating a preventative cyber mindset in the Philippines amid mobile surge

Accelerated smartphone adoption combined with rising threat levels is placing the Philippines at the centre of heightened cyber activity, triggering a need for executive action in the enterprise.

This is a nation housing more than 85 million mobile users – rising by 1-2 million annually – while ranking as the fourth most targeted country in the world by hackers.

“The mobile ecosystem is the fastest growing and most pervasive digital platform today,” observed Aubrey Detablan, Managing Director of V-Key Philippines.

“As more people use mobile devices, the importance of mobile security also increases, making it essential for companies to prioritise mobile app security to protect sensitive data and maintain consumer trust.”

Despite acknowledging that the Philippines is “definitely a target for hackers”, Detablan cautioned that “huge demand” has yet to translate into significant action within the enterprise.

“There’s still a big gap when it comes to trust between users and apps that need cutting-edge robust protection,” Detablan outlined. “We are working hard to ensure that every user has peace of mind, from protecting sensitive data up to securing the money they have worked hard for.”

As the Philippines evolves into a growing digital economy, the consequence of becoming such a rapidly developing country is the abundance of valuable data and financial transactions now on the radar of cyber criminals.

According to the Department of Information and Communications Technology (DICT), approximately 3,000 “high-level” cyber attacks have been monitored locally from 2020 to 2022, stretching to 54,000 for less severe threats.

Of the breach attempts, almost half were targeted against government systems and networks – with five agencies attacked since January.

“The Philippines is also a hub for outsourcing and offshoring of business processes which means that many companies from other countries have their data and operations processed here,” Detablan added. “This presents an additional risk as hackers may target these companies in order to gain access to sensitive data.”

This is in addition to an expanding population of internet users across the country, creating a larger pool of potential targets in the process.

“A tech-savvy Filipino population with few data protection mechanisms and less awareness on cyber hygiene practices makes the Philippines extremely vulnerable to cyber attacks and incidents,” Detablan outlined. “As more people come online and conduct transactions, the risk of a cyber attack increases.”

Preventative not reactive

Despite growing acceptance related to the importance of creating pro-active cyber security policies, the majority of Filipino organisations are failing to practice what they preach.

Most remain reliant on reactive strategies designed to respond to attacks after they arise rather than developing preventative measures from the outset.

“Organisations are mitigating cyber risks by complying with regulations and investing in technology such as multi-factor authentication, mobile app protection and eKYC,” Detablan said. “The aim is to secure identity and transactions, implement incident response and recovery plans and educate employees.”

Notably, 75% of organisations in the Philippines have experienced a cyber incident, significantly higher than the Asia Pacific average of 59%.

That’s according to Kroll findings – published via Asia Pacific State of Incident Report 2022 – which claims Filipino businesses are chiefly concerned by data loss (70%), theft of intellectual property (60%), business interruption (56%) and reputationional damage (45%). This is in addition to costs incurred (40%), fines arising from regulatory sanctions (31%) and ransom payments (27%).

“Given the rise of cyber attacks and data breaches, it’s essential for organisations to prioritise mobile app security to protect both their own data and the data of their users,” Detablan emphasised.

In response, Detablan said businesses must implement a “comprehensive” cyber security strategy that covers all aspects of IT infrastructure to better protect company systems and data.

Within that context, the top four security priorities for Filipino organisations are:

1. Cloud security: Organisations must ensure that cloud environments are secure and compliant with regulations such as Data Privacy Act of 2012 – this includes implementing security measures such as access controls, data encryption and regular security audits
2. Threat intelligence and analytics: Organisations must continuously monitor networks and systems for potential threats and respond quickly to any incidents in real-time
3. Incident response and business continuity planning: In the event of a cyber attack, organisations require a plan to respond quickly and effectively to minimise the impact on operations and customers
4. Mobile app security: This has become an increasingly important priority for organisations not just in the Philippines but worldwide as the use of mobile devices continues to grow and more sensitive information is transmitted through mobile apps

“Businesses today are very meticulous when it comes to choosing cyber security solutions which results in slow decision-making,” Detablan added.

“Such delays not only result in missed opportunities or lost revenue but also increases the risk of security breaches which places user data at risk and widens the trust gap between enterprises and their customers.”

A key reason for delayed investments, according to Detablan, is ongoing challenges linked to deployment costs. The market is filled with cyber security solutions but not all can provide “robust, innovative and cutting-edge” capabilities that are “cost-efficient” given today’s economic climate.

“Building expertise is a continuous process and organisations need to stay agile and adaptable to meet changing market demands,” Detablan added.

As a global leader in software based digital security, V-Key built V-OS – a patented virtual secure element that uses advanced cryptographic and cyber security protections.

The technology powers ultra-high-security solutions for mobile identity, authentication, authorisation and payments for major banks, payment gateways and government agencies – securing 250 million mobile digital experiences globally.

“Our solutions have undergone multiple vulnerability assessment exercises held by local and overseas independent professional penetration testing entities, engaged by our customers during the evaluation processes,” Detablan said. “V-Key withstood these attempts even after weeks of determined attacks, challenging security standards previously held by hardware tokens.”

To meet demand, V-Key builds strategic partnerships and collaborations with leading value-added resellers and system integrators in the Philippines, backed by strong industry association collaboration and ecosystem alliances.

“We are trying to also expand in new markets,” Detablan shared. “We want to leverage our cyber security expertise and resources to offer a more comprehensive suite of services to the enterprise.”