Stronger and collaborative Public-Private Partnerships will create responsive and proactive initiatives that will protect citizens and Critical Information Infrastructure from global and local cyber threats in the Asia region

(Siem Reap, Cambodia, May 23, 2024)  – Leaders of Philippine Cybersecurity and Data Protection Communities of Practice attending the ASEAN-Japan Cybersecurity Technical Working Group joint meeting highlight the urgency for all government and private sector organizations to work in harmony together to fight against cyber threats in the Asia region.

“A harmonious whole-of-Asia and whole-of-society approach to fight cyber threats in the region has to be orchestrated among government and private sector leaders in ASEAN and Japan, along with other countries in the region,” Lito Averia, President of the Philippine Computer Emergency Response Team (PH-CERT) said. “Asian countries face the same threats, and all countries attending confirmed that their respective government’s digital infrastructure along with Critical Information Infrastructure (CII) are also being attacked constantly by international and even local threat actors,” Averia added.

“The constantly increasing cyber attacks on government digital ecosystems and CIIs call for nations in the Asia region to establish concrete solutions such as an Information Exchange Network which will serve as a cyber weather station that will receive, verify, then send out threat alerts to everyone that will impacted in the region,” Sam Jacoba, Founding President of the National Association of Data Protection Officers of the Philippines (NADPOP), and PH-CERT Vice President explained. ”In parallel, each country should continue to produce new cybersecurity professionals and to upskill current cybersecurity and information security personnel that are already working in government and private organizations,” Jacoba further said.

For the Philippines, PH-CERT and NADPOP estimate that the country needs 180,000 trained and validated cybersecurity professionals to proactively and effectively protect the country’s CIIs. Both communities added that a similar number of Data Privacy and Governance, Risk and Compliance (GRC) trained and validated professionals is also needed by the Philippines.

 
Officers and Board Members of the ASEAN-Japan Cybersecurity Community Alliance (AJCCA) attend the 2nd ASEAN-Japan Cybersecurity Working Group Meeting on May 22, 2024 in Siem Reap, Cambodia to discuss cybersecurity partnerships and joint initiatives in the region with their government counterparts in ASEAN. In the photo are (from L-R): Mr. Farwan, Chairman of the Indonesia Network Security Association (IdNSA); Mr. Sam Jacoba, Vice President of the Philippine Computer Emergency Response Team (PH-CERT); Mr. TS Tahrizi Tahreb, Co-Founder of RawSEC Malaysia Cybersecurity Community; Dr. Hiroshi Esaki, President of the Japan Network Security Association (JNSA); Dr. Rudi Lumanto, AJCCA Chairman; Phannarith Ou, President of the Information Sharing and Analytic Center (ISAC) of Cambodia; Seiichi Ito. Chairman of International Relations Committee of JNSA; Dr. Mohammad Salman of the University of Indonesia; Lito Averia, Founder and President of PH-CERT; and, Dr. Khanh Vu, Vice President of the Vietnam Information.

PH-CERT and NADPOP are also attending the fifth board meeting of the newly-formed ASEAN-Japan Cybersecurity Community Alliance (AJCCA), which is a community event happening alongside the 2024 2nd ASEAN-Japan Cybersecurity Working Group Meeting, organized and hosted by the government of Cambodia.

The 2nd Joint Government-Industry-Academia (J-GIA) CA meeting between AJCCA and government cybersecurity representatives from ASEAN and Japan, highlights the importance of harmonious collaboration among countries in the region, focusing on the five pillars of the Global Cybersecurity Index (GCI) published by the United Nations International Telecommunications Union (ITU). The five cybersecurity pillars are the following: Legal, Technical, Organizational, Capacity Building, and Cooperation.

Averia and Jacoba shared that joint initiatives between the government and private sector will be rolling out soon as the main output of these quarterly regional meetings. These initiatives can address the main gaps in the GCI Cybersecurity Pillars for each country and the whole region as well.

“When government and private sector organizations work hand-in-hand to fight cyber threats, citizens will benefit the most,” Averia stressed. “We already see the positive dynamics and impact of this cybersecurity community in the region.”

“What is emerging through these meetings is a regional force for good that will serve as a shield for countries and citizens against threat actors, who are now using AI in their attacks.” Jacoba added. “We are inviting all active Communities of Practice in the region to collaborate with our regional community, the AJCCA, as threat actors are also organized in their actions. During these times, we truly need a whole-of-region, whole-of-society, and even whole-of-community cooperation to effectively respond to cyber threats.”