Doing such a thing in this tech-driven economy not only amplifies investor confidence to the Philippines but also allows local companies to safely grow their investments for the long term, industry officials said.
John Avila, senior economic growth specialist at the United States Agency for International Development, said foreign investors look at the cyber and digital readiness of a country when they make investment decisions.
This is on top of other factors like business-friendly polices, availability of human resources and cost of doing business.
Major concern
Saptarshi Basu, economic officer of the US Embassy in the Philippines, said cybersecurity is one of the major concerns of the US in the Philippines, especially since most of the back-office support of US’ multinational companies are outsourced in the Philippines.
Eight of the top 10 business process management (BPM) firms in the country are US companies and 70 percent of BPMs serve US clients, including some of the largest US firms.
Kanishka Gangopadhyay, press attaché of the US Embassy in the Philippines, said if cybercriminals were to paralyze the US economy, they could easily turn to attacking the Philippines, which hosts the back-office support of American multinational companies.
Recent data from American cybersecurity firm Kroll shows that three out of every four companies in the Philippines have fallen prey to some form of cyberattack, making the country one of the most vulnerable to cyberattacks in the Indo-Pacific region.
“This is particularly worrisome given that the majority of companies in the Philippines are small and medium enterprises. Cyberattacks can be debilitating for small businesses that often do not have the level of digital protections that a large company may possess,” said US Ambassador to the Philippines MaryKay Carlson, during Day 1 of the 15th Media Seminar hosted by the US Embassy Manila on June 6, 2023.
“Cyberattacks transcend borders and boundaries. And the US digital ecosystem is intertwined with that of the Philippines—because we are friends, partners, and allies and our economies are connected in so many ways,” said Carlson.
The 15th Media Seminar was anchored on the theme, “Building Blocks: The US-Philippine Partnership for a Prosperous and a Cyber-secure Digital Economy.”
Carlos Ely Tingson, senior vice president for Cyber Risk at Kroll, said 75 percent of businesses in the Philippines have experienced a cyber incident.
If compromised, businesses stand to lose big with hefty financial losses associated with a cyber-security incident. An indirect impact of a cyberattack would be opportunity loss due to reputational damage.
But these incidents aren’t reported in public because of the absence of reportorial requirements.
Companies would rather keep mum on cyber incidents to protect the company’s image, according to Tingson.
“This is the reason we need to put up defenses before attacks happen,” said Tingson, adding that if an attack happens, its effect can be felt instantly and can be cascaded in just milliseconds.
Business interruption
According to Kroll, 60 percent of businesses cited business interruption as the most significant consequences of cyber attacks in the Philippines. Malaysia (76 percent) and the Philippines (75 percent) businesses suffered the most cyber incidents in the Asia Pacific region.
“The Philippines is not the only place that the American tech companies can invest in but ensuring that this country is well prepared to deal with cyber issues here is a major concern,” said Basu, adding that if the Philippines fails to shield itself from cyberattacks, investors may begin looking at other options such as in India and other countries.
“It’s important that there’s cyber protection here,” Basu added.
American BPM firm Concentrix, the largest BPM employer in the Philippines with 120,000 workers, has heavily invested in cybersecurity to protect its growing business in the Philippines.
Concentrix Philippines senior vice president and country leader Amit Jagga said the company has invested in creating a defense strategy to fight all forms of cyber attacks. It has also invested in monitoring all big hacking organizations to understand the way they think and move.
Concentrix has about 300 information technology security professionals.
“We are doing all these to protect the business. Hackers now understand that the customer experience (CX) industry is a gateway for them to get to our clients,” said Jaga.
The CX industry handles big data of industries in banking and finance, among others.
Professionals needed
Besides earmarking a substantial budget for cybersecurity, Avila also underscored the need for government to employ cybersecurity professionals in all of its critical sectors such as in the area of energy, transportation, defense and finance among others to improve the country’s response to cybersecurity risks and attacks.
Included in the country’s five-year National Cybersecurity Plan 2023-2028 is the legislation of plantilla positions and salary standardization for cybersecurity personnel in government, among others.
Business owners, on the other hand, will need to hire cybersecurity experts to make sure their businesses are protected from cyber attacks.
In case of a cyber incident, companies are advised to get professional help.
“Don’t fix things on your own. Hire digital forensics experts to take care of the problem,” Tingson said.