As a sneak preview of the upcoming 3rd IT Security Asia 2022, we sat down with Raymund Patrick Ramos, Assistant Vice President, Transformation Delivery Head of the Business Transformation Office at Metro Pacific Tollways Corporation, the largest toll road operator in the Philippines and one of the largest in Asia.
He will join the event as a panel member leading the discussion on, “Strengthening the Philippines cyber defense through collaboration between the government and the public and private sector”.
Raymund has over 15 years of experience in the field of Information Technology, IT Management, Supply Chain Management in FMCG & Retail, and Project Management, gaining extensive knowledge in enterprise data management. These become the foundations that led to the delivery of organization-wide data strategy, data analytics platform and operating models, integration strategies, and core & enterprise system delivery. He held key leadership and management positions in different technology disciplines from strategy formulation, cloud migration, large-scale project management, multi-vendor systems integration, system architecture, and design, software development, service delivery/management, and technology operations.
He also played key roles in delivering improvements on account management solutions such as the Easytrip RFID and Online RFID Registration and Appointment System (ORRAS) for the MPTC Toll Roads and digital solutions such as DriveHub. During his time in MPTC, key enterprise projects were delivered in Human Capital Management System (HCMS) and Enterprise Resource Planning (ERP) System.
In the article below, Raymund utilized his experience and expertise to dive deep into some of the emerging cybersecurity challenges and why it’s important now more than ever.
- Getting to know Raymund
I am the one who pioneered putting IT structure in the Metro Pacific Tollways Corporation (MPTC) a few years back where the totality of the IT disciplines has an opportunity to develop a structure that supports our business goals. I started with development work putting structure and centralizing development work. At the same time, I was establishing our security policies and data privacy policies, and compliance with the NPC.
Nowadays, digital is very rampant or second nature, we are working hard to ensure that there’s a robust security platform and processes in place, as well as reinforced policies. Security policies are ever-changing as we cope with the changing demands of the business as well as the demands of our customers.
- According to a study from a reputable technology company based in the United States, the majority of the organizations here in the Philippines are using outdated systems. What do you think are the factors why most organizations are hesitant to invest in upgrades?
I think it’s general that the priority of most companies is really to run the business and to gain revenue. For them, it’s still a journey to understand that digital and IT are already part of the business as usual. Most companies right now are not yet there in relying heavily on these technologies. That is why they tend to make it the least priority. But in the last two years, especially when the COVID pandemic hit where everyone ventured into digital, our customer information now digitally interacts with our customers. The awareness of having a robust security platform and processes in place has steadily increased and reached the decision-makers in the business. I think the study is fair because we’re still on that journey but I think eventually it will improve as time goes by.
- Data Privacy is a relevant issue in our society today, as a security expert, how do you think should we strengthen Data Privacy Awareness?
We have to strengthen it in two ways. One, is to the data owners themselves, the customers because it’s their data. They’re just authorizing different businesses to process or to use their data. Everyone needs to have a consolidated effort in educating the masses that data now is very powerful compared to before. A combination of data sets can move your bank account. It can create an account that looks like you but it’s not really you. People really need to be aware and be sensitive about their data.
Second, on the enterprise side or the business side, education to all employees especially those that are handling data or information needs to be done regularly. When I say education, this is not just an online training that they need to take on for 30 minutes to an hour. There should be an assessment afterward to ensure that employees understand the importance of data and the importance of data handling.
I think we need to reinforce data handling procedures and policies to ensure that even within our grounds, or within the organization, they don’t misuse or they don’t abuse the use and processing of data.
- What can attendees anticipate at the 3rd IT Security Asia 2022?
At the 3rd IT Security Asia 2022, we’ll reinforce the importance of data information and security. On top of that, I think what they can expect to know is who to tap in case they get into trouble. They also can expect to learn more about what the government is doing to secure our infrastructure in the country.
For the likes of me, I will be giving insights on how important security is to business especially if you’re trying to transform your business from a basic brick and mortar to a digital business which is kind of the trend nowadays. These opportunities for collaboration and sharing knowledge are very vital to cybersecurity success.
- Message to fellow IT Leaders attending the 3rd IT Security Asia 2022
As an IT leader in our company, it’s more on establishing the right foundations for the business you’re working for. Now that a lot are venturing into digital, using data, or processing customer information, those are precious assets for the company and the individuals themselves. As IT leaders, we need to ensure that these personal belongings and assets of the company are well secured. Second, since we have those already and we have sort of the understanding on how to maximize this information, both on improving the customer experience and on improving company efficiencies, we need to start educating or putting technology and IT data as part of the business as usual of the organizations that we are in, whether in public or private. It’s very powerful enough to improve everyone’s lives not only the company but also the consumers. I think that will be a challenge that I’ll be leaving to all of us as IT leaders.