by Oliver Samson, Tapat News
Two of the country’s top cybersecurity experts cautioned Social Security System (SSS), Government Service Insurance System (GSIS) and other government agencies to step up security following Commission on Elections’ (Comelec) recent massive data breach.
The SSS, GSIS, Bureau of Internal Revenue, PhilHealth, Pag-Ibig, and other government instruments involved in processing and storage of personal information have more confidential and sensitive data in custody than the Comelec, Isaac Sabas, CEO, Pandora Security Labs, said in an online interview on Saturday.
When government agencies processing and storing personal information compromised their data, cyber-criminals can use similar information in fraudulent transactions, explained Redoble, CEO, Right Factors Corp. (RFC) Advisory Services.
“Your personal information can also be used by cyber-criminals to victimize another,” he said.
All government agencies, especially those involved in processing and storing personally identifiable information should tighten their security measures, said Redoble, who is also president of the Philippine Institute of Cyber Security Professionals (PICSPro).
To avoid data breach, government agencies should “utilize available security technologies, conduct routine third party audits, monitor all security devices 24/7, and employ a security team to handle identified incidents,” Sabas noted.
The problem, according to Sabas, is government agencies’ security teams do not monitor their security devices.
“They are not addressing the alerts of these devices,” he said. “They think the firewall will keep the bad guys out.”
Unfortunately, firewalls are often bypassed, Sabas explained.
“What is needed is immediate monitoring and response to incidents,” he said.
Government agencies should “assess their security requirements thoroughly on all fronts and get a competent cybersecurity consultant,” Redoble said.
Sabas expressed frustration over the extent of the Comelec’s security vulnerability, which compromised the database of 55 million registered voters.
While nothing is secure, employing the right security solutions and the right security people can help mitigate threats, he said. (Oliver Samson)