In this episode of our Speaker Spotlight Series, we interviewed Dir. Jose Carlos Reyes. He is currently the Director of the CyberSecurity Bureau under the Department of Information and Communications Technology (DICT). He was the former president of the National Committee of the Philippines of the International Electrotechnical Commission. He was also the former National President of the Institute of Electronics Engineers of the Philippines (IECEP) and was the founding Vice President of the Philippine Association of Government Electronics Engineers (PAGE).
Dir. Reyes is a Professional Electronics Engineer by profession. He has more than thirty years of professional experience of which fifteen years have been devoted to government service, specifically with the national standards body – Bureau of Philippine Standards (BPS) of the Department of Trade and Industry (DTI).
He was a technical manager of SGS Regional Headquarters where he shared his expertise on information security management systems, standardization, accreditation, certification, testing, and compliance to international standards such as ISO, IEC, ITU, among others.
He has earned a Bachelor’s Degree in Electronics and Communications Engineering at the Mapua Institute of Technology and a Master’s in Business Administration at the Pamantasan ng Lungsod ny Maynila.
In this session, we discussed the current threats, data privacy, and the actions you need to take to be cyber-safe. To uncover his thoughts, continue reading the full interview below.
- How long have you been in the industry?
I was in the Department of Information and Communications Technology (DICT) for the past five years. Prior to my appointment as the director for the cybersecurity bureau, I was working with them as a consultant from 2017 until such time I was appointed by the president to my current position.
I was part of the team that crafted the National Cybersecurity Plan 2022. I came from the private sector for five years, it’s a multinational company but before that one, I was already with the government for 15 years at the Department of Trade and Industry.
- According to the study from a reputable technology company based in the United States, the majority of the organizations here in the Philippines are using outdated systems. What do you think are the factors why most organizations are hesitant to invest in upgrades?
Most of the middle managers are quite wary about what’s happening especially in terms of addressing cybersecurity. Sometimes we hear from our fellow cybersecurity advocates that deal with the dilemma on how they would be hard selling their proposal to the management specifically on the relevance of cyber security.
It is not that they don’t want to but selling cybersecurity can be difficult. There is this gap in understanding that often makes cybersecurity difficult to advocate, despite its indisputable value. Oftentimes, executives would ask, “What’s in it for us?” or “What’s the return on investment?”. This remains an issue in many executive boards despite the demonstrated consequences.
Leaders should prioritize cybersecurity before it’s too late. If you don’t have a solid security strategy in place to protect your organization, it’s not a matter of “IF” but a matter of “WHEN” before you find yourself dealing with an attack.
- Data Privacy is a relevant issue in our society today, as a security expert, how do you think should we strengthen Data Privacy Awareness?
It’s important that we are knowledgeable of the Data Privacy Act. You, as an individual, have a lot at stake when it comes to data privacy. The more you know about it, the better able you’ll be to help protect yourself from a large number of risks.
“Humans are the weakest link” in the cybersecurity chain and it seems truer than ever. In this digital world, where millions of consumers get conned every day, please take note that you still have more power than you know. Your common sense can actually help you avoid a cybersecurity disaster.
Phishing for users’ personal information via email, texts, and phone calls is very common nowadays. However, applying sound judgment online stops fraudsters from stealing your data and money.
- What can attendees of the 3rd IT Security Asia expect in your presentation?
I will, in my presentation, make clear what the government has been doing, specifically on the implementation of the National Cybersecurity Plan. Probably, I will also be touching on our various programs and what we did during the Covid-19 pandemic, and the activities we have conducted to address the cyber resilience of the Philippines.
- Message to fellow IT Leaders attending the 3rd IT Security Asia 2022
Cyber security is an important concern for every organization and individual. It’s not just about technology, but it also involves a mix of psychological, economical, and social aspects. We should approach cybersecurity as simple as possible, we apply basic concepts so as not to complicate it.
In terms of application, a few definitions are in order. You should have a thorough understanding of what is at risk. From there, you can tailor your cybersecurity program to specific organizational needs and operational vulnerabilities. Leaders should take control of allocating resources necessary to cyber security, actively engage in information security decisions, and build an informed and knowledgeable organizational culture.
Dir. Jose Carlos Reyes will lead the opening keynote presentation at the 3rd IT Security Asia on April 20, 2022, to be held in Shangri-La, The Fort, Manila. Registration is now open so book your spot today!
#speakerspotlight #ITSecurityAsia #ITSecPH2022 #CloudSecurity #ThreatIntelligence #ZeroTrust #FraudDetection #ItsecurityPolicies #DataPrivacy