(PNA graphics by Karen Santos)

MANILA – The United States Agency for International Development (USAID), in partnership with IBM, is set to present its assessment report on the current state of the Philippines' cyber workforce on Dec. 7.

The report titled “National Cybersecurity Talent Workforce Assessment Report of the Philippines” was completed in October this year. It provides insights, current challenges, and proposed solutions for the country’s cybersecurity talent, gaps, and opportunities.

"Certainly it's a topic that needs to be focused on and what we'll hear on the 7th of December are ideas, debates, and discussions about the nature of the problem, what can be done, and what are the actions we can all enjoin each other to move forward," said John Garrity, USAID’s Better Access and Connectivity (BEACON) Activity Chief of Party, in an interview.

"There is this cybersecurity skills shortage so this is an issue for organizations, government, enterprise, and even for individuals, especially young persons who can learn about the opportunity to participate in this sector where there is excess demand for trained professionals."

Several guests from the public and private sectors are expected to discuss the report's findings and recommendations in a panel discussion, to be live-streamed online at  bit.ly/CyberTalentPH and the Philippine News Agency's Facebook page.

According to a briefer, USAID's BEACON works with a wide range of Philippine government agencies, led by the Department of Information and Communications Technology (DICT) to address constraints in ICT development.

The project will help enhance the Philippines’ digital ecosystem, resulting in "a stronger and more competitive telecommunication market and digital economy needed to accelerate economic growth and regional competitiveness", which is in tune with the administration's priority of digitalizing the country.

Under the Marcos administration, the DICT -- tasked to lead the country's digital transformation -- has promised to provide Filipinos with the digital tools to help the economy recover from the pandemic and make the Philippines “more competitive”.

However, the cyberworld poses threats and risks and such technology has brought on challenges.

"Participation in the digital economy brings about the concurrent risk of cybersecurity threats and breaches. It's not really a matter of if it will happen to your organization, it's more a matter of when," Garrity said.

Citing a report by cybersecurity firm Kaspersky in 2021, Garrity said the Philippines had the highest number of users attacked by banking Trojans in the Asia Pacific, making the country the "most targeted" by cybercriminals.

"In the Asia Pacific, the Philippines is the fourth most targeted country by cybercriminals. Certainly, a whole gamut of threats exist," he said.

Given these threats, the report, written for the Marcos administration and the DICT, industry and academe, aims to provide recommendations and ways to improve the nation's increasing cybersecurity posture over the next four years.

"The report also outlines more of the jumpstart interventions that could be more useful to really prime the pump for a stronger ecosystem here on cybersecurity. The idea of the conversation on the 7th is to put into paper and pen in the report a lot of the things that we all know, that this is a big challenge, that we need more cybersecurity capacity and more talent in the country and generate, hopefully, sufficient momentum that leads to concrete steps forward coming to the discussion," Garrity said.

Lack of cybertalent

The country's shortage of cybersecurity staff is even made worse by the "underdeveloped" cybersecurity education pipeline in the Philippines compared to other countries, Garrity said.

"There is a clear and persistent shortfall in cybersecurity talent and what that means is that a lot of the research and the respondents basically articulated that there is this lack of credentialed or certified and experienced cybersecurity talent across the board," he said.

Only a handful of universities offer undergraduate and master's degree programs in cybersecurity, yet these schools also face challenges in terms of low enrolment as well as early departure from degree programs.

In addition, he said many cybersecurity experts in other countries came from the military sector, a talent pipeline that is still at an early stage in the Philippines.

Pay differential between cybersecurity professionals in the Philippines versus other countries that encourage "brain drain" or the migration of workers to countries that offer better pay are also among the issues.

Also, there is an overall lack of talent in the public IT and cybersecurity sector among women for entry and mid-level and no dedicated job functions focus exclusively on cybersecurity.

"You have data encoders, you have IT professionals but no specific job function or roles focused on cybersecurity. So, that's a clear gap on the public sector side," Garrity said.

The report launch is being organized by USAID’s BEACON Activity with DICT and IBM, and media partners Philippine News Agency and ANC. (PNA)