DICT Cybersecurity

🔒 𝗦𝗧𝗥𝗔𝗧𝗘𝗚𝗜𝗖 𝗔𝗟𝗜𝗚𝗡𝗠𝗘𝗡𝗧 𝗙𝗢𝗥 𝗔 𝗦𝗔𝗙𝗘𝗥 𝗗𝗜𝗚𝗜𝗧𝗔𝗟 𝗣𝗛𝗜𝗟𝗜𝗣𝗣𝗜𝗡𝗘𝗦

To fortify the nation’s cyber defenses and integrate technology into law enforcement, the Department of Information and Communications Technology (DICT) hosted a Focused Consultation Meeting with the National Police Commission (NAPOLCOM) on May 20, 2026, at the DICT Central Office in Quezon City.

The high-level meeting began with an opening message from NAPOLCOM Commissioner Josephus G. Angan, paving the way for an in-depth review of the 2026 National Crime Prevention Program (NCPP).

With a shared vision of a cyber-resilient nation, key discussions focused on:
✅ Evaluating DICT-related initiatives and deliverables under the 2026 NCPP
✅ Aligning DICT digital crime prevention programs and technical cybersecurity support
✅ Finalizing data-sharing policies, secure interoperability arrangements, and addressing ICT infrastructure gaps
✅ Streamlining reporting and monitoring frameworks between both agencies

By clarifying roles and strengthening inter-agency synergy, DICT and NAPOLCOM are paving the way for a more secure, connected, and technologically advanced approach to national crime prevention.

The Department of Information and Communications Technology (DICT) - Cybersecurity Bureau participated in the 2nd Quarter Meeting of the Cybersecurity Groups under the Energy Sector Cybersecurity and Cyber Resilience Framework held on 21 May 2026 (Thursday), hosted by the Department of Energy – Task Force Energy Resilience, together with the Oversight Committee on Energy Sector Cybersecurity and Cyber Resilience (OC-ESCCR) and the Technical Working Group on the Identification of Critical Information Infrastructure (TWG-IDCII). During the meeting, the DICT Cybersecurity Bureau provided subject matter expertise on the Cyber Threat Landscape in the Philippines, presented updates on the criteria and identification of Critical Information Infrastructures (CIIs), and discussed new DICT cybersecurity policies and programs aimed at strengthening the nation’s cyber resilience.

This important gathering reinforced the commitment of government agencies and stakeholders to safeguard the country’s critical infrastructure and protect the nation’s digital assets from evolving cyber threats. Through stronger collaboration, information sharing, and unified cybersecurity initiatives, the activity highlighted the vital role of public sector coordination in ensuring a secure, resilient, and trusted digital environment for the Philippines.

𝗦𝗧𝗔𝗧𝗘𝗠𝗘𝗡𝗧 𝗢𝗡 𝗧𝗛𝗘 𝗔𝗖𝗖𝗘𝗦𝗦 𝗗𝗜𝗦𝗥𝗨𝗣𝗧𝗜𝗢𝗡 𝗧𝗢 𝗧𝗛𝗘 𝗣𝗖𝗢 𝗔𝗡𝗗 𝗢𝗙𝗙𝗜𝗖𝗜𝗔𝗟 𝗚𝗔𝗭𝗘𝗧𝗧𝗘 𝗪𝗘𝗕𝗦𝗜𝗧𝗘𝗦

Manila, Philippines — May 20, 2026 — The Department of Information and Communications Technology (DICT), in coordination with the Presidential Communications Office (PCO), issues this statement regarding the recent accessibility status of the Official Gazette and the PCO website.

At approximately 3:00 PM yesterday, May 19, 2026, it was reported that the Official Gazette and the PCO website were temporarily inaccessible. Technical teams were immediately deployed to assess the situation and initiate restoration procedures.

As of 12:28 AM today, May 20, 2026, continuous monitoring indicates that both the Official Gazette and the PCO website have been fully restored and are currently accessible to the public. Users may, however, experience slightly slower page loading times than usual as system optimization continues.

The DICT through its National Computer Emergency Response Team (NCERT) is currently conducting a thorough investigation and is preparing the necessary audit logs. DICT-NCERT is actively collaborating with the PCO to verify whether the earlier downtime was the result of scheduled maintenance, configuration updates, intentional administrative actions, or other external causes.

Further updates will be provided as more verified information becomes available.

On 14 May 2026, the DICT Cybersecurity Bureau successfully conducted the second batch of the Protective Risk and Integrity Scoring Model (PRISM) Workshop at the DICT Headquarters, bringing together representatives from 18 government agencies.

The workshop marked a decisive step beyond risk identification. Participants translated their PRISM baseline results into operational strategies within the SecurityScorecard ecosystem, enabling near real-time visibility of vulnerabilities and supporting a more proactive cybersecurity posture.

This initiative reinforces DICT’s commitment to Active Defense—a forward-looking approach centered on early detection, continuous monitoring, and measurable risk reduction.

With a clear goal of reducing high-criticality vulnerabilities quarterly and sustaining centralized visibility across the national digital infrastructure, DICT Cybersecurity continues to strengthen the government’s cyber resilience.

Together, we are building a more secure, metrics-driven digital ecosystem for the Philippine government.

𝗦𝗧𝗔𝗧𝗘𝗠𝗘𝗡𝗧 𝗢𝗡 𝗔𝗟𝗟𝗘𝗚𝗘𝗗 𝗖𝗬𝗕𝗘𝗥𝗦𝗘𝗖𝗨𝗥𝗜𝗧𝗬 𝗜𝗡𝗖𝗜𝗗𝗘𝗡𝗧 𝗜𝗡𝗩𝗢𝗟𝗩𝗜𝗡𝗚 𝗠𝗘𝗥𝗔𝗟𝗖𝗢

On May 17, 2026, the DICT, through the Cybersecurity Bureau, monitored social media posts claiming a cybersecurity incident involving the Manila Electric Company (Meralco). The Cybersecurity Bureau–National Computer Emergency Response Team (CSB-NCERT) is currently assessing and validating the reported information and its potential impact.

Based on initial monitoring, the threat actor claimed unauthorized access to certain organizational systems and publicly shared downloadable files purportedly related to a specific project of the affected entity. The shared materials include project-related documents such as work permits, inspection forms, test forms, and blueprints.

As of this date, all information regarding the alleged breach is based solely on publicly shared posts attributed to the threat actor and remains unverified pending technical validation and further investigation. No formal coordination or official confirmation has yet been established between CSB-NCERT and Meralco regarding the authenticity, scope, or potential impact of the alleged incident. Nevertheless, CSB-NCERT has already notified the Department of Energy (DoE), the regulatory body overseeing the sector to which the concerned entity belongs.

CSB-NCERT has initiated efforts to establish communication and coordination with the concerned entity to facilitate incident verification, technical assessment, appropriate response measures, and the provision of assistance for recovery from the alleged incident.

The public is advised to refrain from downloading, sharing, or redistributing the files or links associated with the incident, as these may contain sensitive information or potentially harmful content.

Should any material developments arise, they will be communicated through official channels.

𝗦𝗧𝗔𝗧𝗘𝗠𝗘𝗡𝗧 𝗢𝗡 𝗢𝗡𝗟𝗜𝗡𝗘 𝗖𝗟𝗔𝗜𝗠𝗦 𝗢𝗙 𝗔𝗟𝗟𝗘𝗚𝗘𝗗 𝗣𝗢𝗣-𝗨𝗣 𝗪𝗜-𝗙𝗜 𝗔𝗖𝗧𝗜𝗩𝗜𝗧𝗬 𝗜𝗡 𝗧𝗛𝗘 𝗦𝗘𝗡𝗔𝗧𝗘

On May 14, 2026, DICT through the Cybersecurity Bureau received information from an online post alleging suspicious wireless access point (Wi-Fi) activity around the network environment of the Senate of the Philippines.

At this time, the statements are solely based on the contents of the post and remain unverified. There is currently no confirmed information indicating any compromise of government systems or critical digital infrastructure of the said agency directly related to the claims being circulated online. Appropriate validation and assessment activities are likewise being conducted to determine the nature and legitimacy of the information received.

The public is advised to exercise caution in sharing unverified cybersecurity-related information online, as speculative or misleading posts may cause unnecessary alarm or confusion.

As part of standard cybersecurity protocols, relevant government offices are being encouraged to review and strengthen network security measures, including the monitoring of wireless access points, unauthorized devices, and suspicious network activities. While the reported claims remain subject to verification, the public is encouraged to observe the following network security measures:

• Connect only to official and verified Wi-Fi networks.
• Disable automatic Wi-Fi connections on mobile devices and laptops to prevent unintended access to unknown networks.
• Immediately report suspicious Wi-Fi pop-ups, unauthorized network prompts, or unusual connectivity behavior to the appropriate authorities.

The Department assures the public that the security of government digital systems remains a top priority. Together with its partners, DICT remains committed to safeguarding the reliability and integrity of government online services and sustaining public trust in national digital governance efforts.

We officially launched our Cyber Hygiene Session for DICT employees through the activity “Think. Click.Secure: Building Trust Through Cyber Awareness” held on May 12, 2026, with two engaging sessions at 8:30 AM and 10:30 AM.

This initiative marks the beginning of a continuous learning journey aimed at keeping every DICT personnel informed, equipped, and cyber-ready—strengthening our collective defense against evolving cyber threats. 💡

Conducted onsite at the DICT Studio 7 Conference Room with online participation from across the regions, the activity reflects our shared commitment to promoting responsible digital behavior and building a stronger cybersecurity culture within the Department.

Aligned with the directive of the Secretary and in collaboration with HRDD, this program will continue through succeeding sessions to ensure that all DICT employees are empowered with the right knowledge and practices to stay secure in the digital space.

Together, we are not just informed—we are cyber-ready. 🔒✨
See you in the next session as we continue building a safer digital workplace for all.

Thank you to everyone who participated and supported the activity in building a more cyber-aware and secure workplace. 🔒✨

Iba't ibang sektor ng pamahalaan, nagsama-sama upang palakasin ang cybersecurity sa critical sectors ng bansa.

Bilang proactive measure sa pagpapalakas ng cybersecurity lalong-lalo na sa mga kritikal na sektor sa bansa, nagpulong ang mga sangay ng pamahalaan kabilang ang Department of Information and Communications Technology (DICT), Department of Energy (DOE), Office for Transportation Security (OTS), National Grid Corporation of the Philippines (NGCP), at National Electrification Administration (NEA).

Ito ay bilang pagsunod sa utos ni Pangulong Ferdinand Marcos Jr. na siguruhin ang isang Bagong Pilipinas na digitally empowered, secure, at resilient.

"Ang cybersecurity ay hindi na lamang isang IT concern. It is a national priority. It is about protecting our economy, our institutions, and ultimately, the lives of every Filipino," Ito ang binigyang diin ni DICT Secretary Henry Aguda sa nasabing pagpupulong.

Tinugunan ng nasabing pagpupulong na mapag-usapan ang mga kinakaharap na hamon ng iba't ibang critical sectors sa bansa sa larangan ng cybersecurity at mapalakas ang kanilang pagtutulungan.

Ang usapin ng cybersecurity ay hindi lamang para sa pamahalaan kundi para rin sa bawat mamamayan. Sama-sama tayong magtulungan tungo sa isang digitally secured na Bagong Pilipinas.

On April 30, 2026, the DICT Cybersecurity Bureau conducted a successful one-day workshop on the Protective Risk and Integrity Scoring Model (PRISM) at the DICT Headquarters, bringing together 15 government agencies to strengthen the connection between cybersecurity assessment and actionable defense strategies.

The session guided participants in translating their PRISM assessment results into operational use within the SecurityScorecard ecosystem, enabling near real-time monitoring of identified vulnerabilities and promoting a shift from reactive remediation to a proactive Active Defense posture.

As tangible outputs, over 30 personnel demonstrated proficiency in using Scorecard for cybersecurity assessment and continuous risk monitoring, a 90-day mitigation action plans were developed based on PRISM findings, and a consolidated impact report was produced from 1,500 PRISM reports to inform future DICT cybersecurity policies.

In the long term, the initiative is expected to reduce high-criticality vulnerabilities within six months, provide continuous visibility of government infrastructure health through a centralized dashboard, and foster a culture of metrics-driven, tool-enabled operational resilience across participating agencies.