THE chairman of the Senate Ways and Means Committee is backing a request by the Department of Information and Communication Technology (DICT) for P300 million in confidential funds to boost the agency’s ability to protect the government from an alarming rash of cyber attacks.
This, as Senator Sherwin Gatchalian cautioned, however, that the government must first make sure the Filipino people are fully informed that the cyber threat is real and not like what they “view on television” so that the general public will also take precautions.
Speaking mostly in Filipino in a radio interview, he added: “If this [the spate of cyberattacks on government institutions] worsens – I think it is not yet that bad but once it worsens – all of us are at risk of having all the personal information we give to government being leaked and ending up in the hands of criminals.”
He said his analysis of the situation indicates that “we are truly not prepared for this. We lack the capability, and we lack the skilled persons who can fight this. And I think the situation will get worse in the coming days.”
Asked if he agreed with the move to release the requested P300-million confidential fund to “buy equipment” for the DICT, the senator replied: “That was also the senators’ question when we had an executive session. They were asking for P300 million and they said they needed this to be in the nature of confidential funds” because, if ordinary procurement rules were followed, they would have to publicize their planned purchases, and hackers would then know what equipment they have and what sorts of attacks they can thwart.”
Gatchalian said he agreed with that logic, and in his view, “many of our national security equipment should not be made known to other countries because then they would know our capabilities especially in defense or national security …. because if they know what we have, they will know what we can do, what we can’t.” In the DICT’s case, he stressed, this prudence in sharing information is totally justifiable, he added, “because the issue of cybersecurity and cyberattacks is worsening.”
Nonetheless, he thinks it’s only the DICT that should be given this leeway in purchasing equipment for cyber security since it has the main mandate of providing “internet safeguard or protection for all our state agencies. It should be only the DICT.”
Asked if he agreed on the need to tag the requested monies as confidential fund as there were “various accounting [processes], while the procurement law allows exemptions,” the senator replied: “As a rule, I’d agree that those should be in line item … that’s why I said, as a rule everything that’s bought should be in line item in the General Appropriations Act.” However, he also conceded that many types of specialized equipment “cannot be publicized to the whole world,” and this, he said, is a gap in the current procurement rules, which he described as “very strict” without room for protecting information on vital, sensitive purchases.
“If there’s really a national security implication, if it can be proven it can impact our security, then let’s give an exemption.”
He said this is one of the key issues senators are looking at as they work on amendments to the Procurement Act, an initiative led by Sen. Juan Edgardo Angara.