BSP launches cyber defense council

The Bangko Sentral ng Pilipinas (BSP) has formed a public-private sector council to strengthen the cyber defense of the country’s financial sector.

The BSP said in a statement that the Financial Cyber Resilience Governance Council (FCRGC) was launched last Feb. 11 to foster a safe, secure, and resilient financial system by promoting strong cybersecurity practices, governance, and collaboration.

“This Council represents our collective resolve to strengthen our cyber defenses,” he said,” BSP Governor Eli M. Remolona, Jr. said.

READ: Tackling cyber threats head-on

Monetary Board Member Jose Querubin will serve as the council’s advisor, while BSP Deputy Governor Chuchi Fonacier will serve as chairperson.

READ: Cyber tools in new PH defense law to curb modern security woes

Meanwhile, Bankers Association of the Philippines (BAP) Cyber Committee Head Sandeep Uppal will serve as vice chairperson of the FCRGC.

The members of the council include representatives from the Chamber of Thrift Banks, the Rural Bankers Association of the Philippines, the Philippine E-Money Association of the Philippines, BancNet, and the Philippine Clearing House Corp.

The BSP said that the heads of its policy and specialized supervision sub-sector, technology and digital innovation office, and technology risk and innovation supervision department will also serve in the council.

It added that the council will meet every quarter to discuss the success metrics of the council, review relevant cyber threat reports, and recommend policy enhancements.

The council will also implement the 2024-2029 Financial Services Cyber Resilience Plan (FSRCP), which the BSP launched on August 6, 2024.

The five-year plan outlines the central bank’s high-level goals and strategies to maintain the integrity and ensure the security of the country’s financial system.

Last month, cybersecurity firm Fortinet warned Philippine companies against escalating ransomware incidents this year, warning that hackers have remained persistent in launching digital attacks that could disrupt operations for monetary gain.

A survey commissioned by the company and conducted by International Data Corp. (IDC) found that ransomware and phishing attacks are the top cyber threats in the country, with over half of the respondents citing these illicit tactics.

Fortinet had estimated that an organization spends about P55 million or about $1 million to resolve a single data breach and pay off a ransom to regain system access.

The World Economic Forum, in its Global Cybersecurity Outlook 2025, also highlighted the need to adopt a “security-first mindset” amid the rapid adoption of artificial intelligence which the organization said has introduced new vulnerabilities.