Republic Act No. 10844, otherwise known as the “Department of Information and Communications Technology Act of 2015”, stipulates that DICT is mandated to ensure the security of Critical Information Infrastructure (CII), including information assets of the government, individuals, and businesses. DICT shall provide oversight over agencies governing and regulating the ICT sector and ensure consumer protection and welfare, data privacy and security, foster competition and the growth of ICT sector.

In line with this, the National Cybersecurity Plan (NCSP) 2022 was unveiled and published last May of 2017, and through this the DICT Memorandum Circulars (MCs) for the Implementation Plan have also been published in September 2017. In accordance to the NCSP, the MCs require the conduct of Security and Protection Assessment which will serve as an official reference for all CIIs.

The DICT Cybersecurity Bureau started the first phase of the Security and Protection Assessment by Recognizing Cybersecurity Assessment Providers. The scope of recognition are the following services:

1. Vulnerability Assessment and Penetration Testing (VAPT)
2. Vulnerability Assessment only (VA)
3. Penetration Testing only (PT)
4. Information Security Management System (ISMS)
5. Both services (VAPT and ISMS)

All applicant service providers are required to submit the following in order to be recognized and be listed in the Catalog:
1. Letter of Intent addressed to Director Jose Carlos P. Reyes, Cybersecurity Bureau
2. Company Profile
3. Business permit and SEC/DTI registration (Certified True Copy)
4. Relevant Accreditation either from Local or International Bodies (if any)

 

As of this date, the following entities are the Recognized Cybersecurity Assessment Providers by the Bureau:

COMPANYWEBSITESERVICE/S RECOGNIZEDVALIDITY
SyCip Gorres Velayo & Co.https://www.sgv.ph/VAPT AND ISMSJan_2022
Macrologic Diversified Technologies Inc.https://www.macrologic.com.ph/VAPTJan_2022
NGT Global Inc.www.ngtglobal.com.phVAPT AND ISMSJan_2022
Navarro Amper & Co./ Deloitte Philippineshttps://www2.deloitte.com/ph/en.html/VAPT AND ISMSFeb_2022
Sophie’s Information Technology Serviceshttps://sitesphil.com/VAPTApr_2022
Infobahn Communications, Inc.https://ibahn.net.ph/VAPTMay_2022
Secuna Software Technologies, Inchttp://www.secuna.ioVAPTJun_2022
Laggui & Associates, Inc.https://www.laggui.com/VAPT AND ISMSJun_2022
J Mantua IT Services Inc.www.mantuaservices.comVAPT AND ISMSJun_2022
Moodlearning, Inc.https://www.moodlearning.com/VAPT AND ISMSJun_2022
MULTI-FOLD Links, Inc.http://www.multifoldlinks.com/VAPTJun_2022
Mara Linux and Business Solutions, Inc. (Maralabs)https://maralabs.ph/VAPT and ISMSJul_2022
Bluedog Cyber Security Inc.https://bluedog-security.com/VAPT AND ISMSJul_2022
Pointwest Innovations Corporationwww.pointwest.com.phVAPT AND ISMSJul_2022
Nullforge Security Inc.https://nullforge.net/VAPTJul_2022
ROSEHALL Management Consultants, Inc.www.rosehall.com.ph ISMSJul_2022
EUODOO TECHNOLOGIES, INC.WWW.EUODOO.COM.PHVAPTJul_2022
Worldtech Information Solutions, Inc.WWW.WISPHIL.COMVAPT AND ISMSJul_2022
Black Bear Securitieshttps://blackbearsecurities.comVAPT AND ISMSJul_2022
Theos Cyber Solutions, Inc.https://theos-cyber.comVAPT AND ISMSJul_2022
SMS Global Technologies Inc.www.smsgt.comVAPTAug_2022
RED ROCK IT SECURITY INC.www.redrocksecurity.ioVAPTAug_2022
ALTPAYNET CORP.https://altpaynet.comVAPT AND ISMSAug_2022
TOTAL INFORMATION MANAGEMENT CORPORATIONwww.timcorp.net.phVAPT AND ISMSAug_2022
Technopath Solutions Inc.www.technopathsolutions.comVAPT AND ISMSAug_2022
ePLDT Inc.www.epldt.comVAPT AND ISMSAug_2022
ION Management Solutions, Inc.www.ion-management.comVAPT AND ISMSAug_2022
R.G. Manabat & Co.www.kpmg.com.phVAPT AND ISMSAug_2022
Maroev Cyber Systems Inc.www.maroev.comVAPTSept_2022
Fibercom Telecom Phils., Inc.www.fibercomtelecoms.comVAPTSept_2022
Microgenesis Software Inc.www.mgenesis.comVAPTSept_2022
YONDU Inc.https://www.yondu.comVAPT AND ISMSSept_2022
Questronix Inc.www.questronix.com.phVAPT AND ISMSSept_2022
SyntechNX Corporationwww.syntechnx.comVAPT AND ISMSSept_2022
Trends & Technologies, Inc.www.trends.com.phVAPT AND ISMSSept_2022
RIGELTECH CorporationVAPT AND ISMSSept_2022
iSolutions International Inc.www.isolutions.com.phISMSSept_2022
Inspira Tech Philippines Corp.www.inspiraenterprise.comVAPT AND ISMSSept_2022
I-Pepper Virtual Network, Inc.www.ipvnetwork.comVAPT AND ISMSSept_2022
Isla Lipana & Companyhttps://www.pwc.com/phVAPT AND ISMSSept_2022
MyBusybee, Inc.www.mybusybee.netVAPT AND ISMSSept_2022
Action Labs IT Services Phils Corp.https://www.actionlabs.com.ph/VAPTOct_2022
MIDD Consulting and Outsourcing, Inc.https://www.middco.com/VAPT AND ISMSOct_2022
Pineda Cybersecurityhttps://pinedacybersecurity.com/VAPT AND ISMSOct_2022
Exceture Inc.https://exceture.com/VAPT AND ISMSNov_2022
Indra Philippines, Inchttps://www.indracompany.com/en/pais/philippinesVAPT AND ISMSNov_2022

The DICT Cybersecurity Bureau is still accepting applications for recognition this year. For more information, please do not hesitate to contact us at rcap@dict.gov.ph