Republic Act No. 10844, otherwise known as the “Department of Information and Communications Technology Act of 2015”, stipulates that DICT is mandated to ensure the security of Critical Information Infrastructure (CII), including information assets of the government, individuals, and businesses. DICT shall provide oversight over agencies governing and regulating the ICT sector and ensure consumer protection and welfare, data privacy and security, foster competition and the growth of ICT sector.
In line with this, the National Cybersecurity Plan (NCSP) 2022 was unveiled and published last May of 2017, and through this the DICT Memorandum Circulars (MCs) for the Implementation Plan have also been published in September 2017. In accordance to the NCSP, the MCs require the conduct of Security and Protection Assessment which will serve as an official reference for all CIIs.
The DICT Cybersecurity Bureau started the first phase of the Security and Protection Assessment by Recognizing Cybersecurity Assessment Providers. The scope of recognition are the following services:
1. Vulnerability Assessment and Penetration Testing (VAPT)
2. Vulnerability Assessment only (VA)
3. Penetration Testing only (PT)
4. Information Security Management System (ISMS)
5. Both services (VAPT and ISMS)
All applicant service providers are required to submit the following in order to be recognized and be listed in the Catalog:
1. Letter of Intent addressed to Director Jose Carlos P. Reyes, Cybersecurity Bureau
2. Company Profile
3. Business permit and SEC/DTI registration (Certified True Copy)
4. Relevant Accreditation either from Local or International Bodies (if any)
As of this date, the following entities are the Recognized Cybersecurity Assessment Providers by the Bureau:
| COMPANY | WEBSITE | SERVICE/S RECOGNIZED | VALIDITY |
|---|---|---|---|
| SyCip Gorres Velayo & Co. | https://www.sgv.ph/ | VAPT AND ISMS | Jan_2022 |
| Macrologic Diversified Technologies Inc. | https://www.macrologic.com.ph/ | VAPT | Jan_2022 |
| NGT Global Inc. | www.ngtglobal.com.ph | VAPT AND ISMS | Jan_2022 |
| Navarro Amper & Co./ Deloitte Philippines | https://www2.deloitte.com/ph/en.html/ | VAPT AND ISMS | Feb_2022 |
| Sophie’s Information Technology Services | https://sitesphil.com/ | VAPT | Apr_2022 |
| Infobahn Communications, Inc. | https://ibahn.net.ph/ | VAPT | May_2022 |
| Secuna Software Technologies, Inc | http://www.secuna.io | VAPT | Jun_2022 |
| Laggui & Associates, Inc. | https://www.laggui.com/ | VAPT AND ISMS | Jun_2022 |
| J Mantua IT Services Inc. | www.mantuaservices.com | VAPT AND ISMS | Jun_2022 |
| Moodlearning, Inc. | https://www.moodlearning.com/ | VAPT AND ISMS | Jun_2022 |
| MULTI-FOLD Links, Inc. | http://www.multifoldlinks.com/ | VAPT | Jun_2022 |
| Mara Linux and Business Solutions, Inc. (Maralabs) | https://maralabs.ph/ | VAPT and ISMS | Jul_2022 |
| Bluedog Cyber Security Inc. | https://bluedog-security.com/ | VAPT AND ISMS | Jul_2022 |
| Pointwest Innovations Corporation | www.pointwest.com.ph | VAPT AND ISMS | Jul_2022 |
| Nullforge Security Inc. | https://nullforge.net/ | VAPT | Jul_2022 |
| ROSEHALL Management Consultants, Inc. | www.rosehall.com.ph | ISMS | Jul_2022 |
| EUODOO TECHNOLOGIES, INC. | WWW.EUODOO.COM.PH | VAPT | Jul_2022 |
| Worldtech Information Solutions, Inc. | WWW.WISPHIL.COM | VAPT AND ISMS | Jul_2022 |
| Black Bear Securities | https://blackbearsecurities.com | VAPT AND ISMS | Jul_2022 |
| Theos Cyber Solutions, Inc. | https://theos-cyber.com | VAPT AND ISMS | Jul_2022 |
| SMS Global Technologies Inc. | www.smsgt.com | VAPT | Aug_2022 |
| RED ROCK IT SECURITY INC. | www.redrocksecurity.io | VAPT | Aug_2022 |
| ALTPAYNET CORP. | https://altpaynet.com | VAPT AND ISMS | Aug_2022 |
| TOTAL INFORMATION MANAGEMENT CORPORATION | www.timcorp.net.ph | VAPT AND ISMS | Aug_2022 |
| Technopath Solutions Inc. | www.technopathsolutions.com | VAPT AND ISMS | Aug_2022 |
| ePLDT Inc. | www.epldt.com | VAPT AND ISMS | Aug_2022 |
| ION Management Solutions, Inc. | www.ion-management.com | VAPT AND ISMS | Aug_2022 |
| R.G. Manabat & Co. | www.kpmg.com.ph | VAPT AND ISMS | Aug_2022 |
| Maroev Cyber Systems Inc. | www.maroev.com | VAPT | Sept_2022 |
| Fibercom Telecom Phils., Inc. | www.fibercomtelecoms.com | VAPT | Sept_2022 |
| Microgenesis Software Inc. | www.mgenesis.com | VAPT | Sept_2022 |
| YONDU Inc. | https://www.yondu.com | VAPT AND ISMS | Sept_2022 |
| Questronix Inc. | www.questronix.com.ph | VAPT AND ISMS | Sept_2022 |
| SyntechNX Corporation | www.syntechnx.com | VAPT AND ISMS | Sept_2022 |
| Trends & Technologies, Inc. | www.trends.com.ph | VAPT AND ISMS | Sept_2022 |
| RIGELTECH Corporation | VAPT AND ISMS | Sept_2022 | |
| iSolutions International Inc. | www.isolutions.com.ph | ISMS | Sept_2022 |
| Inspira Tech Philippines Corp. | www.inspiraenterprise.com | VAPT AND ISMS | Sept_2022 |
| I-Pepper Virtual Network, Inc. | www.ipvnetwork.com | VAPT AND ISMS | Sept_2022 |
| Isla Lipana & Company | https://www.pwc.com/ph | VAPT AND ISMS | Sept_2022 |
| MyBusybee, Inc. | www.mybusybee.net | VAPT AND ISMS | Sept_2022 |
| Action Labs IT Services Phils Corp. | https://www.actionlabs.com.ph/ | VAPT | Oct_2022 |
| MIDD Consulting and Outsourcing, Inc. | https://www.middco.com/ | VAPT AND ISMS | Oct_2022 |
| Pineda Cybersecurity | https://pinedacybersecurity.com/ | VAPT AND ISMS | Oct_2022 |
| Exceture Inc. | https://exceture.com/ | VAPT AND ISMS | Nov_2022 |
| Indra Philippines, Inc | https://www.indracompany.com/en/pais/philippines | VAPT AND ISMS | Nov_2022 |
The DICT Cybersecurity Bureau is still accepting applications for recognition this year. For more information, please do not hesitate to contact us at rcap@dict.gov.ph