Report on Philippine Cybersecurity Coordination Project Prepared by the National Cybersecurity Coordination Office Commission on Information and Communications Technology August 17, 2010
SUMMARYAn Overview on the cybersecurity efforts in the countryProject Components covered by the eGov fund in 2008-2009.Current capabilities of the Philippine Cybersecurity CoordinationProject to address and fulfil the requirements of the government inits commitment to establish a continuum of proactive, reactive anddefensive mode of protecting its critical information infrastructure.
The report includes the following: Cybersecurity Initiatives Project Strategy and Action Agenda The Utilization of eGov Fund Related Accomplishments The Cybersecurity Goals and Agenda for year 2010 onwards
CYBERSECURITY INITIATIVESCybersecurity milestones prior to the availment of the eGov fund inDecember 2008:Cybersecurity advocacy conferences and meetings jointly initiatedby the National Security Council (NSC) and Information SystemsSecurity Society of the Philippines (ISSSP) started in 2002. Outcome: Realization for the need of a Cybersecurity Coordination organization. A move that was also supported by various ICT related and ICT security organizations and to name few: PISO, ISSSP, ISACA, IT Pros, Philippine Honeynet, and PHilNITs.
CYBERSECURITY INITIATIVESThe Cabinet Oversight Committee on Security (Cluster E) in 2004created the Task Force for Securing Critical Infrastructures (TFSCI)and under which is the Cyber Security Work Group (CSWG) chairedby the National Computer Center Director-General Angelo Timoteo M.Diaz-Rivera Outcome: formulation of the National Cyber Plan in 2005 provides broad strategies and guidelines towards proactively protecting the country’s cyber space. President directive to develop a Cyber Security Policy that is necessary as a guiding instrument in creating a more secure and stable cyber environment.
CYBERSECURITY INITIATIVESThe 2nd ASEAN Regional Forum (ARF) Seminar on Cyber Terrorismheld in Cebu City in October 2005 that hosted by the government ofPhilippines -- under the steering leadership of then Deputy NationalSecurity Adviser Virtus Gil Outcome: ARF Resolution stressing that cyber terrorism must be considered as one of the main security threats and to mount a united effort to combat this common transnational and borderless threat is essential. A call for governments to build up capabilities to fight cyber terrorism, and to create national instrumentalities serving as focal points to coordinate a wide network of foreign and domestic cybersecurity entities in the Asia–Pacific region. ARF delegation recommendation for the need for national and regional collaboration frameworks to help such institutions address cyber- terrorism.
CYBERSECURITY INITIATIVESBeing the partner in pushing the ARF Seminar on Cyber-Terrorism,the Philippine government together with South Korean governmentforged to conduct a joint cybersecurity study. Outcome: Philippine Framework of National Computer Emergency Response Team (NCERT) in 2006
CYBERSECURITY INITIATIVESJoint Technical Working Group on Cybersecurity was created underthe CICT Office Order 69 dated July 27, 2007 Outcome: served as a resource body and assistance center for all congressional committees working on cybersecurity legislation Updated Cybercrime Bill for the 14th congress
CYBERSECURITY INITIATIVESRealizing the importance of the critical infrastructure to nation’seconomy and security, the leaderships of CICT deemed it necessaryto empower sustain the cybersecurity coordination initiatives andsubsequently created the Office of the National CybersecurityCoordination through Office Order 43 dated July 2, 2008 anddeputized Undersecretary Virtus Gil to be the National CybersecurityCoordinator.
CYBERSECURITY INITIATIVESThe CICT Office Order tasked the National CybersecurityCoordinator the following: i. Serve as the primary focal point ii. Oversee and provide direction to the government’s countermeasures iii. Integrate the efforts of all participating agencies, public and private iv. Coordinate operational responsibilities with other lead agencies to effectively address illegal activities v. Organize and provide leadership to the various (CSIRTs/CERTs) vi. Design and conduct regular strategic operational planning vii. Provide leadership in the collaboration with international and regional organizations
PROJECT STRATEGY AND ACTION AGENDAThe National Cybersecurity Coordination Strategy comprised of thefollowing five (5) programs:7.A program to establish a favourable cyber security legal regime8.Security threat and vulnerability reduction program9.Security awareness, education and training program10.Security incident response and consequent management program11.Establish national and international coordinating mechanicsthrough: Stage 1 - Promoting cyber policy and legal regime Stage 2 - Planning and preparing institutional capabilities Stage 3 - Operating and sustaining emergency response system
National Cyberspace Security Coordination National Coordination for Cyberspace Security
PROJECT STRATEGY AND ACTION AGENDAIn implementing the National Cybersecurity Coordination Strategy, theNCSO have set the following strategic goals for 2009-2010:•To be the premier trusted single-point of contact within and outsidethe country in coordinating detection, response and prevention ofcyber attacks that may endanger national security.•to promote development of cybersecurity related education,awareness and training programs; and•To facilitate communications across a diverse constituency to sharecybersecurity related information.
PROJECT STRATEGY AND ACTION AGENDAThe mandate of cybersecurity coordination that intend to develop astrong cybersecurity regime for the country could only succeed if itputs in place the organizational infrastructure, coordinative andcollaborative mechanism to support the endeavour. The NCSOstrategic goals from January to December 2009 were the following:g.Setting-up the Cybersecurity Coordination Centerh.To develop counter and readiness plan for cyber incidentsi.To promote a community of national and regional CERTsj.To develop a capability to conduct incident, vulnerability and artefactanalysisk.To undertake the development of cybersecurity related education,awareness, and training programs
PROJECT STRATEGY AND ACTION AGENDAsupport incident reporting across a broad spectrum of sectors withina nation’s borders;provide early warning to affected populations and constituencies;notify others within the cybersecurity communities of potentialproblems;effect a coordinated response;share data and information about the incidents and correspondingresponse solutions;track and monitor cybersecurity incidents to determine trends andlong term remediation; andDistribute cybersecurity best practices and guidance.
THE UTILIZATION OF THE eGOV FUNDIn 2007, the conceptualization of Philippine CybersecurityCoordination Project for eGov funding was pursued under theauspices of the Office of the President (OP) with UndersecretaryVirtus Gil being the head of the Presidential Situation Room taking thelead.The initial amount requested to cover the first 2-year Cyber SecurityCoordination Action Plan amounted to P187 Million with agencycounterpart amounting to P23.440 Million. Acting on the CICTendorsement for eGov funding, SARO amounting to P10 Million inJanuary 2008 was released by DBM to OP to cover the requirementof the project; however, the project champion was given newassignment in February 2008 prompting the OP to return to DBM theaforementioned P10 Million eGov fund.
THE UTILIZATION OF THE eGOV FUNDSponsorship of the project was transferred OP to CICT in July 2, 2008pursuant to CICT Office Order 43 and the same Office Order alsodeputized the de-facto project champion to be the NationalCybersecurity Coordinator. The submission of the project proposalwith new sponsor-agency was submitted anew in July 21, 2008 andSARO amounting to P30 Million to cover the project’s requirementwas released to CICT in December 9, 2008.
THE UTILIZATION OF THE eGOV FUNDOut of the P185 Million requested, only P30 Million was allocated foryear 2008-2009. PR0GRAM DESCRIPTION AMOUNT NCSO NOC/Data Center, Supply, delivery, set-up & Installation of Response Center and materials & equipment, computer hardware, 11,709,176.32 Operation Office network system and peripherals Risk and Vulnerability Supply, delivery, set-up & Installation of Center materials & equipment 2,015,000.00 PKI Center, Root Supply, delivery, set-up & Installation of Authority, and materials & equipment 5,317,368.00 government Certification Authority Contract of Consultancy Services NCSO Contract Workers 1,651,484.40 Continued in the next slide
THE UTILIZATION OF THE eGOV FUNDOut of the P185 Million requested, only P30 Million was allocated foryear 2008-2009. PR0GRAM DESCRIPTION AMOUNTContract of Consultancy Security Techniques Training for the Member-Services Agencies in Manila, Cebu and Davao 750,000.00 Strategic Planning Workshop Designing and Facilitation; and Development of Strategic 250,000.00 Framework and 2009 Implementation Plan. Development of Cyber Security Awareness Campaign Program 440,000.00 Security Awareness Conference and Training Management and Mobilization of Participants and Speakers Bureau in Davao on Dec. 11, 2009 315,000.00 Security Awareness Conference and Training Management and Mobilization of Participants and Speakers Bureau in Davao on Dec. 14, 2009 320,000.00 Continued in the next slide
THE UTILIZATION OF THE eGOV FUNDOut of the P185 Million requested, only P30 Million was allocated foryear 2008-2009. PR0GRAM DESCRIPTION AMOUNTOffice Supplies NCSO Requirement 461,808.00 PKI Requuirement 263,825.46TOTAL 23,493,662.18
RELATED ACCOMPLISHMENTSWith the initial eGov funds, the NCSO was able to accomplish thefollowing key results strategic agenda:•Establishment of National Cybersecurity Coordination Office(NCSO): ensures the effective implementation of CICT Special Order 43 series of 2008 and the development of a strong cybersecurity capability. Served as infrastructure and administrative/secretariat machinery for the National Cybersecurity Coordinator The NCSO Secreatariat was temporarily filled up by the contractual personnel hired through the eGov funds
RELATED ACCOMPLISHMENTSNCSO functions: defines of the rules and procedures for the inter-agency meetings and conferences provides of conference management and direct support services to the meetings and other for a presided by the NCSO serves as coordinator of the NCSO and its sub-committees in the performance of its functions as mandated provides secured record-keeping and other information requirements for the NCSO manages the financial and other administrative requirements for the NCSO perform such other functions as may be required
RELATED ACCOMPLISHMENTS•Activation of the Cybersecurity Inter-Agency Committee Inter-agency Cybersecurity Works Group (CySWG) was re-constituted to served as the advisory body to the National Cybersecurity Coordination Office. The Inter-Agency Advisory body shall provide the government through NCSO with the proper tools, knowledge base, skill sets and laws to effectively secure Philippine cyberspace and effectively respond to cyber attacks. Members of the Advisory Body are the following: National Computer Center (NCC) National Security Council (NSC) Philippine National Police (PNP) National Bureau of Investigation (NBI) Department of Justice (DOJ) Armed Forces of the Philippines (AFP) Sectoral CERTS (NCC, BSP, DTI, DOTC, NTC and DOE)
RELATED ACCOMPLISHMENTSe)Setting up of the National Cybersecurity Center (NCERT) shall serve as the nerve center supported by a Point-of-Contact (PoC) System A web-enabled point-of-contact system that shall be able to receive cybersecurity related incident reports through multiple channels such as SMS, email, phone calls, blogs, etc. A Portal that shall also serve as the central source of information regarding cyber security issues, and critical infrastructure protection and cybersecurity coordination. www.ncso.ph
National Cyber Security Office Cybersecurity Inter-Agency Committee. NCCS - CICT - NCC - NSC - NTC - BSP - NEDA Project Director - DOTC - AFP - DOJ - DOE - PNP - NBI Finance/Admin Secretariat - NICA • Budget • Accounting • Mgt IAC Mtg • Personnel • Mgt of Public & • Logistics and Private Partnership Audit Philippine Cyber Security Center Public Key Infrastructure Planning Technical Incident and Support Response Coordination Systems Group Phil Root Govt Govt Certification Certification Registration Phase II Authority Authority Authority Construction of Network Cybersecurity Center Admin Control of Training for System Response Team Admin Establishment of Risk Database Assessment Management Conduct of Advocacy and Website Software Awareness Operation’s Auditing Management Development Conduct of Policy Formulation Coordination of international Collaboration Agreement
RELATED ACCOMPLISHMENTS•Establishment of the center for Public Key infrastructure an enabling infrastructure that will protect the transfer and sharing of information supports the government objective of providing a more secure and trusted online environment PKI hardware, software and systems were donated by the South Korean government to the Philippine government eGov Fund were tapped to cover the civil work, electrical and air conditioning requirements of the PKI center.
RELATED ACCOMPLISHMENTS•The establishment of Risk and Vulnerability Assessment System•The development and conduct of a Capacity Building Program for theNational Cybersecurity Incident Team and the various sectoralCybersecurity Incident Teams•The development and implementation of the Security And AwarenessProgram•The formulation of the National Security Policies