Just as people are expected to take the necessary precautions to avoid being victims of actual crimes, individuals also have to assume some responsibility in protecting themselves against the growing menace of cybersecurity threats.
While information technology experts gave the assurance that institutions and agencies were taking every step to protect people against online crimes—investing in state-of-the-art digital hardware and software and infrastructure and constantly upgrading their systems, people also needed not just to be aware of, but also to take the necessary steps to avoid being victimized by online fraudsters and scam artists.
At a recent edition of the Philippine Daily Inquirer’s Project Rebound, keynote speaker Maria Victoria Castro, director of the Department of Information and Communications Technology (DICT) Bureau of Cybersecurity, advised the online community to keep in mind computer scientist Newton Lee’s advice: “As the world is increasingly interconnected, everyone shares the responsibility of securing cyberspace.”
Panelists Yeo Siang Tiong of Kaspersky, a cybersecurity company; Luis “Chito” Jacinto of Rizal Commercial Banking Corp., and Jonathan Paz of Bank of the Philippine Islands (BPI) all agreed that responsibility for online safety and security could not be left to institutions and experts alone. Individuals would have to assume an active part in protecting themselves.
Theme of the Rebound webinar, which was hosted by Inquirer Business Features editor Doris Dumlao-Abadilla, was “Cybersecurity in the Philippines: How Ready is the Philippines?”
“It is important that everyone plays his/her role” in averting online threats, Yeo said. Jacinto stressed that the government and private institutions could not do everything to safeguard everyone in cyberspace.
Paz noted that, while there was an increased reliance on online services, individuals were still not taking adequate measures to manage risks and improve their cybersecurity.
Castro reported that international studies put the Philippines in the top five targets of global cyber criminals.
Quarantine
The Philippines’ vulnerability seemed to arise from other statistics Castro shared: at least 76.01 million internet users were in the Philippines, “more than half of the population in the country. The number increased by 2.1 million users between 2021 and 2022,” obviously due to the lockdowns and quarantines effected because of the COVID-19 pandemic.
While a major health crisis, COVID-19, the director, said also provided opportunities for growth to digital technologies, innovations and digital spaces, such as online payment, meeting platforms, retail buying and selling, delivery services, etc.
Castro pointed out that Filipinos were also very social beings and were major users of social media. “The Philippines has been tagged as the Social Media Capital, the Text Capital and Selfie Capital worldwide.”
She said, as part of efforts to strengthen people’s online safety, the DICT was embarking on a cybersecurity education campaign program with the theme “Educate, Empower and Encourage” or 3Es.
Training
The campaign involves training of trainers, cybersecurity outreach, media publicity, awareness and information campaign, integration of cybersecurity in the education sector and the designation of a cybersecurity awareness week or month.
Jacinto expressed the view that education, which should start as early as kindergarten, should be an important component of efforts to minimize, if not eliminate altogether, cybercrime. Awareness could be high, but people should learn to be discerning, to recognize what was safe and what was suspicious.
Criminal activities
“Education is really important since awareness does not always lead to [correct] action,” he pointed out.
This observation seemed to be fairly accurate as Yeo said Kaspersky figures showed there was “a 97 percent awareness of criminal activities in the Philippines, but only 69 percent knew how to resolve them and only 21 percent [actually] installed” the necessary protective software or application.
Yeo supported the idea of making people not just aware of the threats, but actually doing something to keep themselves safe. “Instead of buying physical protection (like a phone case), people should be [using] their money to buy crime [prevention and protection software].”
The very high degree of awareness, he said, should be brought to the level of action through “continuous, relentless communication” and by reaching out even to elementary students.
This finding was corroborated by Paz, based on BPI’s own assessment. “There is a disconnect between awareness and people’s [realization of the] need for protection, which is low.” He added that many people thought that because they were educated, well-informed, had some knowledge of digital technology and were aware of the risks, they could not be victimized.
Both Paz and Jacinto underscored the need for legislative measures to institutionalize preventive and protective measures against cybercrime and to raise penalties for such offenses.
The idea that “crime does not pay” was not true for online offenders, Paz said. The fines they had to pay were just fractions of the money they made through online crimes.
Arrests
Despite this, Paz encouraged victims to report such offenses. The BPI, he said, had even assisted some of their clients, which led to actual arrests. But the suspects often managed to get out of jail quickly by paying the small fines and leave the country, if they were foreigners.
Although law enforcement agencies still had a lot of catching up to do in dealing with cybercrimes and lacked the necessary personnel, particularly outside Metro Manila, that should not deter people from reporting criminal activities, Jacinto said.
Yeo, Paz and Jacinto also stressed that the rising number, greater sophistication and diversity of cybercrime threats should not discourage people from enjoying the convenience, speed and lower cost of digitalization.
Kaspersky, Yeo said, was working hard to make businesses—including micro, small and medium enterprises—aware of the threats and the need to take the necessary precautions and protective measures to respond to them promptly and effectively.
Jacinto said institutions were addressing the online concerns, but individuals had to play their part by being more discerning netizens.
Going online, Paz assured people, was safe. Organizations that provided digital services had taken every step to make sure protection was embedded in their programs. But, like Jacinto, he stressed the need for individuals to be aware that cybercrime was always a possibility and to be always vigilant. —CONTRIBUTED INQ