Republic Act No. 10844, otherwise known as the “Department of Information and Communications Technology Act of 2015”, stipulates that DICT is mandated to ensure the security of Critical Information Infrastructure (CII), including information assets of the government, individuals, and businesses. DICT shall provide oversight over agencies governing and regulating the ICT sector and ensure consumer protection and welfare, data privacy and security, foster competition and the growth of ICT sector.

In line with this, the National Cybersecurity Plan (NCSP) 2022 was unveiled and published last May of 2017, and through this the DICT Memorandum Circulars (MCs) for the Implementation Plan have also been published in September 2017. In accordance to the NCSP, the MCs require the conduct of Security and Protection Assessment which will serve as an official reference for all CIIs.

The DICT Cybersecurity Bureau started the first phase of the Security and Protection Assessment by Recognizing Cybersecurity Assessment Providers. The scope of recognition are the following services:

1. Vulnerability Assessment and Penetration Testing (VAPT)
2. Vulnerability Assessment only (VA)
3. Penetration Testing only (PT)
4. Information Security Management System (ISMS)
5. Both services (VAPT and ISMS)

All applicant service providers are required to submit the following in order to be recognized and be listed in the Catalog:
1. Letter of Intent addressed to Director Jose Carlos P. Reyes, Cybersecurity Bureau
2. Company Profile
3. Business permit and SEC/DTI registration (Certified True Copy)
4. Relevant Accreditation either from Local or International Bodies (if any)

As of this date, the following entities are the Recognized Cybersecurity Assessment Providers by the Bureau:

Equitable Computer Services 2021
Exceture Inc. AND ISMSOctober 2021
AegisOne Cyber Defense Corporation 2021
Reyes Tacandong & Co.www.reyestacandong.comVAPT AND ISMSOctober 2021
PRAGMATIC INSIGHTS OPChttps://www.pragmaticinsights.phVAPT AND ISMSOctober 2021
bneXt Inc.https://bnext.techVAPT AND ISMSOctober 2021
INGRESSUM Philippines Corp. 2021
Nexus Technologies, 2021
SyCip Gorres Velayo & Co. AND ISMSJanuary 2022
Macrologic Diversified Technologies Inc. 2022
NGT Global AND ISMSJanuary 2022
Navarro Amper & Co./ Deloitte Philippines AND ISMSFebruary 2022
Sophie’s Information Technology Services 2022
Infobahn Communications, Inc. 2022
Secuna Software Technologies, Inchttp://www.secuna.ioVAPTJune 2022
Laggui & Associates, Inc. AND ISMSJune 2022
J Mantua IT Services Inc.www.mantuaservices.comVAPT AND ISMSJune 2022
Moodlearning, Inc. AND ISMSJune 2022
MULTI-FOLD Links, Inc. 2022
Mara Linux and Business Solutions, Inc. (Maralabs) and ISMSJuly 2022
Bluedog Cyber Security Inc. AND ISMSJuly 2022
Pointwest Innovations AND ISMSJuly 2022
Nullforge Security Inc. 2022
ROSEHALL Management Consultants, ISMSJuly 2022
Worldtech Information Solutions, Inc.WWW.WISPHIL.COMVAPT AND ISMSJuly 2022
Black Bear Securitieshttps://blackbearsecurities.comVAPT AND ISMSJuly 2022
Theos Cyber Solutions, Inc.https://theos-cyber.comVAPT AND ISMSJuly 2022
SMS Global Technologies Inc.www.smsgt.comVAPTAugust 2022
RED ROCK IT SECURITY INC.www.redrocksecurity.ioVAPTAugust 2022
ALTPAYNET CORP.https://altpaynet.comVAPT AND ISMSAugust 2022
Technopath Solutions Inc.www/technopatsolutions.comVAPT AND ISMSAugust 2022
ePLDT Inc.www.epldt.comVAPT AND ISMSAugust 2022
ION Management Solutions, Inc.www.ion-management.comVAPT AND ISMSAugust 2022
R.G. Manabat & AND ISMSAugust 2022
Maroev Cyber Systems Inc.www.maroev.comVAPTSeptember 2022
Fibercom Telecom Phils., Inc.www.fibercomtelecoms.comVAPTSeptember 2022
Microgenesis Software Inc.www.mgenesis.comVAPTSeptember 2022

The DICT Cybersecurity Bureau is still accepting applications for recognition this year. For more information, please do not hesitate to contact us at