The Philippines Can’t Afford to Wait A National Cybersecurity Framework Has Become Urgent

The recent large-scale outage that disrupted major online platforms has reignited an important national conversation: how prepared is the Philippines for a cyber incident that could cripple government services, financial systems, or even critical infrastructure? According to lawmakers leading the House Committee on Information and Communications Technology (ICT), the answer is clear we are not prepared enough, and the country urgently needs a unified cybersecurity structure to close the gap.

Following a congressional hearing, lawmakers emphasized that if a global tech giant can suffer a disruption triggered by a technical flaw and unusual traffic spikes, then the Philippines’ digital ecosystem made up of multiple systems with varying levels of maturity is even more vulnerable. Past disruptions affecting major cloud providers only reinforce that cyber incidents can spread quickly and impact essential online services used daily by Filipino citizens, businesses, and government agencies.

This is why a technical working group (TWG) has been tasked to consolidate over a dozen proposed measures into one comprehensive bill aimed at strengthening national cybersecurity and protecting critical information infrastructure. The goal is simple but urgent: create a framework that enables the country to prevent, detect, respond to, and recover from cyberattacks with speed and consistency.

Lawmakers outlined key priorities the consolidated bill must address, including minimum information security standards, clear incident response protocols, improved intelligence sharing, and stronger coordination among agencies. At the core of the proposed measures is House Bill No. 2826, which seeks to establish a National Cybersecurity Agency (NCSA) under the Department of Information and Communications Technology (DICT). This agency would be responsible for creating a cybersecurity masterplan, overseeing national cyber defense strategies, and uplifting the country’s resilience against attacks.

The proposal also includes the creation of a National Computer Emergency Response Team (NCERT) a dedicated group of cybersecurity specialists capable of responding rapidly to active threats. By establishing a coordinated network of CERT teams across government units, the Philippines could significantly reduce response times, contain incidents more effectively, and support affected organizations before damage spreads further.

These initiatives highlight a promising shift toward long-term cyber preparedness. But until such policies are formalized and implemented, organizations across both public and private sectors must take proactive steps to protect their own systems. Cyberattacks are becoming more sophisticated and more frequent, and waiting for legislation to pass is not a viable option.

This is where trusted cybersecurity partners can help bridge the gap. Directpath Global Technologies (DGT) supports institutions in strengthening their defenses through Managed Threat Detection (MTD), Extended Detection and Response (XDR), Vulnerability and Penetration Testing (VAPT), System Organization Controls Type 2 (SOC2) guidance, Vulnerability Risk Management as a Service (VRMaaS), WAF protection, and vCISO advisory. With an advanced AI division, DGT also provides tailored, data-driven solutions that enhance not only security operations but broader organizational performance.

The message from recent events is unmistakable: the Philippines must be ready for the next cyber incident, not react to it after the damage is done. As Congress moves toward building a national cybersecurity framework, organizations can already begin strengthening their resilience because in today’s digital landscape, preparedness is no longer optional. Source: Manila Bulletin