Recently, we interviewed Major Carlos Ely C. Tingson, Data Protection Officer of the Presidential Security Group and heads the Technical Surveillance Countermeasures (TSCM) and Electronic Countermeasures (ECM) Teams. He also serves as a Cyber Security Consultant for the National Security Council.
He is a member of the Philippine Military Academy “Mandala” Class of 2006, earned his commission in the Philippine Army and served in the 2nd Infantry Division and the Special Operations Command.
He finished his postgraduate studies in Research and Development Management from the University of the Philippines and his MSc in Information Security (With Distinction) from the Royal Holloway University of London as a British Chevening Scholar. He is also an alumnus of the US International Visitor Leadership Program and a graduate of the International Program on Cyber Security Studies at the George C Marshall European Center for Security Studies.
Paying it forward, he teaches Applied Cryptography at the Holy Angel University in its Masters in Cyber Security program, the first such program in the Philippines. He is a Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI), EC-Council Certified Security Analyst (ECSA), Certified Information Security Manager (CISM), and a Certified Information Systems Security Professional (CISSP).
Based on Major Tingson’s years of experience he’s unquestionably an expert in cyber security.
While we cannot avoid all attacks, we can stop some of them. We were very lucky to sit down with him to gain a few insights.
- Prevention is the best defense in Cybersecurity
He said it best, “As much as possible, we want to be on the preventive side and put everything in place necessary to protect our system.” Far too many organizations are hit with malware, ransomware, or phishing attacks that could have easily been prevented through improved security systems and security awareness training.
For Major Tingson, cyberattacks shouldn’t be the only reason to invest in upgrades, businesses must do all possible tasks and necessities to strengthen their digital defenses in an ever-changing cyber world.
- Investing in upgrades is a business necessity
System upgrades are not just about being up-to-date or having the ‘latest’ tech. They are a vital part of keeping IT systems secure from cybercrime. But why do most businesses in the Philippines are hesitant to invest in upgrades? Major Tingson’s opinion on the matter was, “Our economy was largely characterized by large businesses that do not have much competition so there’s no demand for solution providers to scale up, modernize and replace their outdated systems.”
According to Major Tingson, businesses do not fully understand the risk of using outdated systems. Aside from business operational and reputational risk, there is not much evidence of businesses considering litigation risk.
“I don’t think we’ve heard of any organization or businesses here in the Philippines that were slapped with fines for being hacked. If we consider regulating businesses and organizations with heavy fines, we would be forcing them to substantially invest in digitalization.”
- On strengthening Data Privacy Awareness
As someone who’s been around the industry for a long time, he always reminds people and organizations of key data privacy principles of transparency, legitimacy, proportionality, and data quality.
Data privacy is a serious concern anywhere in the world. And the more people are aware, the better they will be able to protect themselves from a large number of risks.
Want to learn more? Major Tingson will be giving a presentation at the 3rd IT Security Asia 2022 taking place on April 20, 2022, at Shangri-La, The Fort, Manila. His session will be about strengthening Philippine cyber defense through collaboration between the government and the public and private sectors.