PHILIPPINES

FNF Philippines advocates the Localization of the National Cybersecurity Plan for Local Government Units

Since the 1990s, the exponential growth of Information and Communications Technologies (ICT) has revolutionized economies and societies worldwide, serving as a critical enabler of connectivity, innovation, and productivity. While the evolution of ICT faced resistance over decades, the COVID-19 pandemic catalyzed its rapid adoption as a necessity rather than an option. This shift ushered in an era of accelerated digital transformation, bringing with it unprecedented opportunities but also heightened risks. The vulnerabilities of digital systems became increasingly apparent, with cyberthreats exploiting weaknesses in cyberspace at an alarming rate.

The Internet has evolved far beyond its initial purpose as an information-exchange platform. It now underpins the global economy, critical infrastructure, public services, and social networks, making it indispensable to modern life. However, this growing reliance on digital infrastructure comes with inherent vulnerabilities. The confidentiality, integrity, and availability of ICT systems face relentless threats, ranging from electronic fraud and intellectual property theft to disruptions of critical services and destruction of property. The transformational promise of ICT and the Internet as drivers of economic growth and societal advancement is at a critical juncture, as public trust and confidence are increasingly undermined by cyber-insecurity.

To address these challenges, governments must align their national economic aspirations with robust national security strategies. In the Philippines, the Philippine Development Plan (PDP) 2023–2028 highlights digital transformation as a cornerstone of governance and development. A central focus of the PDP is enhancing cybersecurity measures to protect critical information infrastructure (CII). 

Complementing the PDP, the Department of Information and Communications Technology (DICT) has formulated the National Cybersecurity Plan (NCSP) 2023–2028, aimed at fortifying the country's cybersecurity posture. The plan emphasizes a proactive approach to mitigating risks, enhancing resilience, and fostering a secure digital environment. Additionally, the Philippines has demonstrated significant progress in legal and regulatory frameworks, being one of 133 nations with enacted data protection and data privacy law and one of 88 countries with mandatory breach notification measures.

Despite these national initiatives, cybersecurity incidents involving Local Government Units (LGUs) remain a critical concern. Due to these reasons, the Friedrich Naumann Foundation Philippines tapped the services of John Henry D. Naga, Privacy Commissioner and Chairman of the National Privacy Commission (NPC) – Philippines, Ivin Ronald D.M. Alzona, lawyer and Executive Director of the National Privacy Commission, and Rainier Anthony M. Milanes, Chief Information Technology Officer, Privacy Professional, Lecturer, and Lawyer, to produce a policy paper to localize the NCSP 2023–2028, employing a top-down and bottom-up approach to ensure effective implementation at the LGU level. This dual framework will bridge national policies with local realities, empowering LGUs to strengthen their cybersecurity capabilities while aligning with national standards. By doing so, the Philippines can create a more resilient digital ecosystem, fostering economic growth and safeguarding public trust in ICT systems.

You may view the copy of the publication here.