As ransomware attacks target the Philippine Statistics Authority (PSA) and possibly other government agencies following the infiltration of PhilHealth, a ranking member of the House of Representatives urged the Department of Information and Communication Technology to mobilize some of the country’s about 200 certified cybersecurity experts.
“We have a clear and present danger to our individual, collective, and national cybersecurity. Hence the urgent need for quick solutions,” Bohol Third District Representative Alexie Tutor said.
Tutor also said the cybercrime units of the DOJ, NBI, PNP, and AFP could also be mobilized.
“To quickly address the dire shortage of certified cybersecurity specialists and professionals in our country, the government and private sector should roll out a targeted training and certification program.”
“To quickly address the dire shortage of certified cybersecurity specialists and professionals in our country, the government and private sector should roll out a targeted training and certification program with costs at least partially subsidized by the government by their agency IT training budgets and by the budgets of the TESDA, CHED, and SUCs,” the legislator suggested.
The lawmaker noted that “IT industry practice prefers certification instead of licensure examination. The certification process is already there, so we only have to boost it to produce more cybersecurity experts.”
“Having a licensure examination on cybersecurity will take much more time,” she stressed.
“The law and IRR would take about three or more years. Appointing the members of the cybersecurity professional board will take a year or two. Developing the licensure exam will take at least two to three years because it would be a new board exam. Board review and the first board exam will take another year. It would, therefore, take at least seven years until the first batch of cybersecurity board exam passers,” Tutor explained.
She pointed out certification courses can be rolled out quickly in a matter of months and would have graduates in less than a year, depending on their abilities upon joining training.
“The first quick harvest would be those in the current IT practitioners, members of the graduating class, and recent grads, but the aspirants should still be screened for cybersecurity certification training.”
“Training can be conducted by state universities and colleges, private universities, and IT companies with the needed certification courses in the near term and later with degree programs. Existing degree programs with cybersecurity specialization can quickly churn out graduates, but the first quick harvest would be those in the current IT practitioners, members of the graduating class, and recent grads, but the aspirants should still be screened for cybersecurity certification training,” Tutor explained.
“Existing cybersecurity degree programs can be upgraded. New degree programs can take a few years to develop and execute. Some or all of the current 200 certified cybersecurity experts could be mobilized to teach. Trainees can be selected from recent and old graduates of IT, accounting, finance, and criminology degree programs,” she concluded.
