Republic Act No. 10844, otherwise known as the “Department of Information and Communications Technology Act of 2015”, stipulates that DICT is mandated to ensure the security of Critical Information Infrastructure (CII), including information assets of the government, individuals, and businesses. DICT shall provide oversight over agencies governing and regulating the ICT sector and ensure consumer protection and welfare, data privacy and security, foster competition and the growth of ICT sector.

In line with this, the National Cybersecurity Plan (NCSP) 2022 was unveiled and published last May of 2017, and through this the DICT Memorandum Circulars (MCs) for the Implementation Plan have also been published in September 2017. In accordance to the NCSP, the MCs require the conduct of Security and Protection Assessment which will serve as an official reference for all CIIs.

The DICT Cybersecurity Bureau started the first phase of the Security and Protection Assessment by Recognizing Cybersecurity Assessment Providers. The scope of recognition are the following services:

1. Vulnerability Assessment and Penetration Testing (VAPT)
2. Vulnerability Assessment only (VA)
3. Penetration Testing only (PT)
4. Information Security Management System (ISMS)
5. Both services (VAPT and ISMS)

All applicant service providers are required to submit the following in order to be recognized and be listed in the Catalog:
1. Letter of Intent addressed to Director Jose Carlos P. Reyes, Cybersecurity Bureau
2. Company Profile
3. Business permit and SEC/DTI registration (Certified True Copy)
4. Relevant Accreditation either from Local or International Bodies (if any)


As of this date, the following entities are the Recognized Cybersecurity Assessment Providers by the Bureau:

COMPANYWEBSITESERVICE/S RECOGNIZEDVALID UNTIL                    
Equitable Computer Serviceshttps://www.equicom.com/VAPTSeptember 2021
Exceture Inc. https://exceture.com/VAPT AND ISMSOctober 2021
AegisOne Cyber Defense Corporationhttps://www.aegisonecybersec.com/VAPTOctober 2021
Reyes Tacandong & Co.www.reyestacandong.comVAPT AND ISMSOctober 2021
PRAGMATIC INSIGHTS OPChttps://www.pragmaticinsights.phVAPT AND ISMSOctober 2021
bneXt Inc.https://bnext.techVAPT AND ISMSOctober 2021
INGRESSUM Philippines Corp.https://www.ingressum.com/VAPTOctober 2021
Nexus Technologies, Inc.nexustech.com.phVAPTNovember 2021
SyCip Gorres Velayo & Co.https://www.sgv.ph/VAPT AND ISMSJanuary 2022
Macrologic Diversified Technologies Inc.https://www.macrologic.com.ph/VAPTJanuary 2022
NGT Global Inc.www.ngtglobal.com.phVAPT AND ISMSJanuary 2022
Navarro Amper & Co./ Deloitte Philippineshttps://www2.deloitte.com/ph/en.html/VAPT AND ISMSFebruary 2022
Sophie’s Information Technology Serviceshttps://sitesphil.com/VAPTApril 2022
Infobahn Communications, Inc.https://ibahn.net.ph/VAPTMay 2022
Secuna Software Technologies, Inchttp://www.secuna.ioVAPTJune 2022
Laggui & Associates, Inc. https://www.laggui.com/VAPT AND ISMSJune 2022
J Mantua IT Services Inc.www.mantuaservices.comVAPT AND ISMSJune 2022
Moodlearning, Inc.https://www.moodlearning.com/VAPT AND ISMSJune 2022
MULTI-FOLD Links, Inc.http://www.multifoldlinks.com/VAPTJune 2022
Mara Linux and Business Solutions, Inc. (Maralabs)https://maralabs.ph/VAPT and ISMSJuly 2022
Bluedog Cyber Security Inc.https://bluedog-security.com/VAPT AND ISMSJuly 2022
Pointwest Innovations Corporationwww.pointwest.com.phVAPT AND ISMSJuly 2022
Nullforge Security Inc.https://nullforge.net/VAPTJuly 2022
ROSEHALL Management Consultants, Inc.www.rosehall.com.ph ISMSJuly 2022
EUODOO TECHNOLOGIES, INC.WWW.EUODOO.COM.PHVAPTJuly 2022
Worldtech Information Solutions, Inc.WWW.WISPHIL.COMVAPT AND ISMSJuly 2022
Black Bear Securitieshttps://blackbearsecurities.comVAPT AND ISMSJuly 2022
Theos Cyber Solutions, Inc.https://theos-cyber.comVAPT AND ISMSJuly 2022
SMS Global Technologies Inc.www.smsgt.comVAPTAugust 2022
RED ROCK IT SECURITY INC.www.redrocksecurity.ioVAPTAugust 2022
ALTPAYNET CORP.https://altpaynet.comVAPT AND ISMSAugust 2022
TOTAL INFORMATION MANAGEMENT CORPORATIONwww.timcorp.net.phVAPT AND ISMSAugust 2022
Technopath Solutions Inc.www/technopatsolutions.comVAPT AND ISMSAugust 2022
ePLDT Inc.www.epldt.comVAPT AND ISMSAugust 2022
ION Management Solutions, Inc.www.ion-management.comVAPT AND ISMSAugust 2022
R.G. Manabat & Co.www.kpmg.com.phVAPT AND ISMSAugust 2022
Maroev Cyber Systems Inc.www.maroev.comVAPTSeptember 2022
Fibercom Telecom Phils., Inc.www.fibercomtelecoms.comVAPTSeptember 2022
Microgenesis Software Inc.www.mgenesis.comVAPTSeptember 2022

The DICT Cybersecurity Bureau is still accepting applications for recognition this year. For more information, please do not hesitate to contact us at rcap@dict.gov.ph