FB MINEX FB MINEX FB MINEX Twitter Minex ISSUU Minex Press Reader Minex YouTube Minex

Saturday, June 13, 2020

SEC tells corporations to step up cybersecurity

THE SECURITIES and Exchange Commission (SEC) has advised corporations to strengthen their cybersecurity as more Filipinos turn to digital transactions amid the Covid-19 pandemic.


The SEC encouraged corporations to assess their exposure to cybersecurity risks and craft the appropriate policies and measures, in light of recent reports of hacking incidents. 

“Digital transformation benefits businesses, allowing them to improve their productivity and realize greater efficiencies, but not without risks,” said SEC Chairperson Emilio Aquino.

The pandemic has amplified the advantages of digital technologies, as companies shifted to low-touch and online-only services in response to the stringent social distancing and quarantine measures imposed across the world.

In the Philippines, digital technologies have allowed some companies to sustain their operations while the country was placed under enhanced community quarantine. As digital transactions increased, however, reports of phishing attempts, data breaches and other cyberattacks likewise emerged.

“Cybersecurity is more than an IT matter. It is a corporate governance issue that companies should give serious attention to and proactively manage, as cyberattacks could damage their reputation, disrupt their operations, and eventually jeopardize their profitability and enterprise value,” Aquino explained.

The SEC also urged the boards of directors and senior management teams, in particular, to ensure they understand and can effectively confront the cybersecurity risks faced by corporations. “The boards of directors of companies must ensure that a robust cybersecurity strategy is in place and that existing cybersecurity measures, including regular penetration testing and risk assessments, remain effective amid the evolving security landscape,” Aquino said.

The SEC has been advocating cybersecurity and data privacy in the corporate sector, integrating best practices and standards in various rules and regulations.

For one, the corporate governance codes issued by the SEC recommends that  boards of directors establish audit committees, whose duties and responsibilities include the monitoring and evaluation of the security of information assets.

In the capital market, the SEC requires broker dealers, exchanges, clearing agencies, securities depositories and other participants to have a comprehensive information technology plan, pursuant to the 2015 Implementing Rules and Regulations of the Securities Regulation Code (Republic Act No. 8799).

Capital market participants are further mandated to subject their IT, business continuity and disaster recovery plans, and risk management systems to regular review and audit by independent firms. 

In 2016, the SEC also required capital market participants to report their compliance with data privacy and protection regulations. Republic Act No. 10173, or the Data Privacy Act of 2012, for one, requires organizations in both the government and the private sector to develop their privacy manuals. (With a report from the Cebu Examiner)


Like Us on Facebook: The Mindanao Examiner
Like Us on Facebook: The Zamboanga Post
Follow Us on Twitter: Mindanao Examine
Mirror Site: Mindanao Examiner Blog
Digital Archives: Mindanao Examiner Digital
Media Rates: Advertising Rates


No comments:

Post a Comment