(PNA file image)
ODIONGAN, Romblon – The private sector Philippine Computer Emergency Response Team (PH CERT) has urged the administration of Romblon State University (RSU) and other big organizations recently attacked by hackers to establish permanent cybersecurity departments with well-trained and well-equipped personnel.
In an interview on Thursday, PH CERT president Lito Averia said it is about time for institutions that keep huge volumes of sensitive data to invest more of their resources on bolstering cybersecurity.
He said it is not enough to have personnel who will detect and repel potential cyber-attacks, thus it is also necessary that every organization establish an incident response team that can act quickly to mitigate the damage in the event of a successful data breach.
“Aside from acquiring better cybersecurity tools and hiring highly-trained IT (information technology) people, institutions must also adopt policies that will penalize its personnel for negligence in ‘cyber hygiene’ or who will put the whole organization at greater risk from cyber criminals,” he added.
PH CERT is an anti-cybercrime advocacy group made up of cybersecurity professionals from various organizations.
The group has advised members of Congress in crafting cybersecurity and data privacy laws.
Meanwhile, the administration of RSU said its initial investigation into Monday’s data breach showed that the hackers posted a series of screenshots of the alleged data that was hacked from the university’s old internal system.
In an online statement on Wednesday, school authorities said the breach was apparently triggered by an alleged wrongdoing of a faculty member.
RSU did not confirm earlier reports that personal data of students and faculty members were also stolen by the cyber criminals.
“As a government institution, the university recognizes its inherent obligation to ensure that personal information in its information and communications systems are secured and protected… The university has likewise already reported the matter to the National Privacy Commission in compliance with its issuances. In cooperation with law enforcement agencies, we shall also endeavor to make the perpetrators accountable for this incident,” the RSU administration said. (PNA)
