DICT to bid out Cyber Security Plan contract by yearend
THE Department of Information and Communications Technology (DICT) said it plans to put up for auction before the end of the year an outsourcing contract for the implementation of the National Cyber Security Plan (NCSP).
“We can start the bidding around end of October or early November,” DICT Undersecretary for Special Concerns Eliseo M. Rio, Jr. told reporters on the sidelines of an event.
He added that the department plans to have a working cybersecurity system “by the end of the year or in the first quarter next year.”
Mr. Rio said that the budget for the NCSP is part of the 2018 budget, but the DICT plans to start the bidding process to immediately proceed when the funds are disbursed.
“That money will arrive in March next year. But right now we can start the bidding so that when the budget arrives, a company will have won the bidding and we can give them the notice to proceed so that there will be no delay.”
He added that the contract awardee will oversee the NCSP for around three to four years before the DICT can fully manage the program on its own, as the department lacks the manpower and equipment needed to implement the program.
“We need to have it managed, maybe for the first three or four years…We have to think about outsourcing because the DICT has no personnel, equipment, to really have effective cybersecurity infrastructure,” Mr. Rio said.
The DICT launched the NCSP in May. The primary goals of the five-year plan are: to assure the continuous operation of critical infostructure, public and military networks; implementing cyber resiliency measures to enhance the ability to respond to threats before, during and after attacks; effective coordination with law enforcement agencies; and creating a cybersecurity- educated society.
The DICT, through the Cybercrime Investigation and Coordination Center, will institutionalize the adoption and implementation of Information Security Governance and Risk Management approaches based on global standards.
The department will also establish the National Computer Emergency Response Team, which will enable the government to quickly deal with cyber attacks.
During the creation of the plan, the DICT noted major cybersecurity incidents which occurred last year, including the hacking of the Bangladesh Central Bank’s Federal Reserve accounts in the United States, involving $101 million, the majority of which were diverted to various bank accounts in the Philippines, as well as the hacking of the Commission on Elections website prior to the elections, in which personal data of around 50 million voters were reportedly compromised. —