Ethical hackers to help DSWD fix security flaws
MANILA, Philippines — The Department of Social Welfare and Development (DSWD) will become the first government agency to pilot the national Bug Bounty Program (BBP), an initiative led by the Department of Information and Communications Technology (DICT) that invites ethical hackers to identify security vulnerabilities in government systems.
During a meeting at the DSWD central office, the DICT, through its Cybersecurity Bureau, announced that the DSWD would serve as the “first government agency to pilot the BBP,” placing the department “at the forefront of implementing collaborative cybersecurity mechanisms within the public sector.”
DICT Cybersecurity Undersecretary Julius Gorospe led the delegation and outlined how the program will work, including how cybersecurity researchers and ethical hackers can identify and responsibly report weaknesses in government platforms so they can be fixed before being exploited.
The initiative forms part of the government’s broader push to strengthen digital defenses as agencies continue to modernize systems and expand online public services.
The DSWD was represented by Assistant Secretary and Chief Information Officer Johannes Paulus Acuña. He was joined by Director III Atty. Divine Kristine Leaño-Campaña, concurrent officer in charge of the Office of the Assistant Secretary for Information and Communications Technology and CIO for the Information and Communications Technology Management Service (ICTMS), and Cybersecurity Officer Franklin Foronda of the ICTMS Cybersecurity Group.
Discussions also touched on the DSWD’s ongoing digital transformation initiatives, including efforts to modernize internal systems, improve service delivery and enhance the security of digital platforms that support social protection programs.
These platforms handle large volumes of sensitive data linked to government assistance programs, making cybersecurity a key priority as services continue to move online.
Strengthening cyber defenses
Aside from the BBP, the DICT Cybersecurity Bureau also introduced an enhanced Vulnerability Assessment and Penetration Testing (VAPT) strategy aimed at improving the detection and remediation of system vulnerabilities across government agencies.
The approach focuses on proactive security practices, structured testing processes and stronger coordination among government institutions.
Officials from both agencies said closer collaboration is necessary as more government services shift to digital platforms used by millions of Filipinos.
The meeting ended with both the DICT and the DSWD reaffirming their commitment to deepen interagency cooperation, strengthen cybersecurity governance and protect critical government systems.
Part of a broader cybersecurity push
The BBP is one of three major cybersecurity initiatives recently launched by the DICT to strengthen the country’s digital security posture.
In February, the agency announced a shift toward a more proactive cybersecurity strategy through the rollout of three programs: the BBP, the DICT Trusted Assessment Provider (D-TAP) framework and the Cybersecurity Posture Assessment Laboratory (CPAL).
“We are moving beyond reacting to cyber incidents. These programs institutionalize proactive security, thereby protecting government systems and the Filipino people who depend on them,” Gorospe said earlier.
Under the BBP, ethical hackers are encouraged to report vulnerabilities in government systems, helping secure online platforms widely used by the public.
RELATED STORY: China-linked espionage uncovered in PH, says NSC
Meanwhile, the D-TAP framework will accredit trusted cybersecurity firms to conduct vulnerability assessments and security audits for government platforms and critical infrastructure. The CPAL will provide structured assessments that help agencies identify system weaknesses early and strengthen defenses before cyberattacks occur.
“Cybersecurity is a shared responsibility. By engaging ethical hackers, accrediting trusted assessors and institutionalizing posture assessments, we are building a resilient digital ecosystem for the country,” Gorospe added. /dm
