People: A Dual Role in Cybersecurity—Asset or Risk? Experts Weigh In

News & Trends
People: A Dual Role in Cybersecurity—Asset or Risk? Experts Weigh In

Published:

Reading time: 4 min.

Cybersecure 2024: Empowering Innovation and Securing the Digital Frontier

In celebration of Cybersecurity Awareness Month, Punongbayan & Araullo (P&A) Grant Thornton hosted a pivotal forum titled "Cybersecure 2024: Empowering Innovation and Securing the Digital Frontier." This event, held at the Makati Diamond Residences on October 9, 2024, brought together industry experts to discuss the critical role of human factors in the cybersecurity landscape. The forum emphasized that cultivating a culture of awareness within organizations is essential for effectively mitigating cyber risks and enhancing overall cybersecurity resilience.

The Human Element in Cybersecurity

The forum opened with remarks from Romualdo Murcia III, chairman and managing partner of P&A Grant Thornton. He stressed that cybersecurity is not solely the responsibility of leadership or the IT department; rather, it is a collective responsibility that involves every individual within an organization. Murcia stated, "We must establish a culture where everyone understands their role in protecting the organization’s data and systems." This sentiment underscores the necessity of fostering a security mindset across all levels of an organization.

A Call for Collective Responsibility

Murcia’s message resonated throughout the forum, highlighting that a robust cybersecurity framework requires the active participation of all employees. He emphasized that compliance with cybersecurity policies and awareness of potential threats should be ingrained in the organizational culture. This collective approach is crucial in an era where cyber threats are increasingly sophisticated and pervasive.

Insights from Government Officials

The importance of human factors in cybersecurity was further reinforced by Jeffrey Ian Dy, the Department of Information and Communications Technology (DICT) Undersecretary for Infrastructure Management, Cybersecurity, and Upskilling. Dy articulated that "no firewall is stronger than a workforce trained to think critically, adapt rapidly, and respond decisively." His presentation outlined the top ten emerging cybersecurity threats for 2030, many of which are exacerbated by advancements in artificial intelligence (AI).

The Dual Nature of AI

Dy’s insights into AI’s role in cybersecurity were particularly noteworthy. While AI can enhance security measures, it also presents new vulnerabilities. He discussed concerns such as algorithmic bias, AI hallucinations—where false information is presented as truth—and the potential for AI to be weaponized in cyberattacks. However, he also highlighted the potential for organizations to leverage AI for threat detection and automated responses, emphasizing the need for a workforce capable of countering AI-driven threats.

Progress in Cybersecurity

Despite the challenges posed by emerging threats, Dy noted that the Philippines has made significant strides in cybersecurity. The country’s overall cybersecurity score improved from 77 in 2020 to 93.49 in the 2024 United Nations Global Cybersecurity Index. This progress reflects a growing recognition of the importance of cybersecurity at both governmental and organizational levels.

The Corporate Perspective

Alexis Bernardino, field chief information security officer at PLDT Enterprise, shared insights from the corporate sector, emphasizing the urgency of addressing cybersecurity challenges. He remarked, "It’s a scary time for us. The crossroads of AI and cybersecurity has now arrived." Bernardino pointed out that adversaries are already leveraging AI to launch attacks, putting organizations at a disadvantage.

Empowering Employees as Defenders

Bernardino advocated for a proactive approach to cybersecurity, urging organizations to empower their employees as the first line of defense. He stressed the importance of training and awareness, stating that informed employees could significantly enhance an organization’s security posture. He concluded with a call for a collective effort in viewing cybersecurity as a shared responsibility, emphasizing that proactiveness, vigilance, and a healthy dose of paranoia are essential intangibles for safeguarding organizations.

A Human-Centric Approach to Cybersecurity

Leonard Duque, Director and Chief Information Officer at P&A Grant Thornton, championed a human-centric approach to cybersecurity. He argued that prioritizing people is key to strengthening digital defenses. Duque suggested simplifying security advisories to make them more accessible and engaging for all employees. He drew parallels to Apple’s strategy of highlighting appealing features in software updates to encourage user compliance with security enhancements.

Bridging the Workforce Gap

Duque also addressed the pressing issue of workforce gaps in cybersecurity. He cited alarming statistics indicating that the Philippines had only 200 cybersecurity professionals in 2022, with many working overseas. To bridge this gap, Duque called for investments in cyberlearning programs, simulations, and training initiatives to increase the number of skilled cybersecurity practitioners.

Government Initiatives and Future Directions

Undersecretary Dy reiterated the government’s commitment to enhancing cybersecurity education and workforce development. He mentioned initiatives such as scholarships for cybersecurity education and hackathons aimed at fostering interest in the field. These efforts are crucial for building a robust cybersecurity workforce capable of addressing the evolving threat landscape.

Key Takeaways from the Forum

In his closing remarks, P&A Grant Thornton Vice Chairman and Deputy Managing Partner Olivier Aznar summarized the forum’s key takeaways using the acronym PAGT: preparedness, awareness, governance, and technology. He emphasized the need for organizations to adopt a proactive stance by developing comprehensive cybersecurity plans that include risk assessments and incident response strategies.

A Unified Approach to Cybersecurity

Aznar concluded by stressing that everyone within an organization, from executives to entry-level staff, must understand the value of cybersecurity. A robust framework that clearly defines roles and responsibilities is essential for fostering collaboration and accountability across departments.

Conclusion

The "Cybersecure 2024" forum highlighted the critical importance of human factors in cybersecurity. As organizations navigate an increasingly complex digital landscape, fostering a culture of awareness and responsibility is paramount. By prioritizing training, collaboration, and proactive measures, organizations can enhance their cybersecurity resilience and effectively safeguard their digital frontiers. The insights shared during this event serve as a clarion call for all stakeholders to take an active role in the ongoing battle against cyber threats.

Related articles

Recent articles

Latest news

© 2024 BasicFundas.com [ CYBERSECURITY NEWS UPDATES ] All Rights Reserved.