MARKED by high-profile incidents where government agencies became the targets of hacker groups, 2023 was a year of heightened cybersecurity risks. In late September, the Philippine Health Insurance Corp. (PhilHealth) was at the center of the largest cybersecurity breach in years when the private information of at least 13 million PhilHealth members were affected. Meanwhile, even the Philippine National Police and the National Bureau of Investigation were unsafe from cyberattacks with 1.2 million personal records at risk from a breach. Both the Department of Science and Technology and the Philippine Statistics Authority also had their share of data breaches in 2023, and it was surmised that agency information may have been compromised. Apart from these attacks on government agencies, unsuspecting organizations in and out of the country also fell victim to different hacking incidents. Get the latest news delivered to your inbox Sign up for The Manila Times newsletters By signing up with an email address, I acknowledge that I have read and agree to the Terms of Service and Privacy Policy. Across the cybersecurity landscape, trends pointed to the prevalence of ransomware attacks and phishing as well as short messaging service phishing or smishing scams. According to one cybersecurity publication, the frequency of ransomware in 2023 surpassed the combined numbers of 2021 and 2022. Additionally, as much as 72 percent of businesses worldwide faced this type of cyberattack. For phishing and smishing attacks, cybersecurity professionals were becoming a common target as keepers to vital points of access themselves to the IT infrastructure of a business. In 2023, more than 70 percent were reportedly targeted by attempts with 28 percent via text messages. Jon Clairmond Siy -- chief security officer of Shellsoft Technology Corp., one of the top cybersecurity solutions consultants in the Philippines -- pointed out that attacks would continue to rise in prevalence as hackers found more supply chain vulnerabilities in an increasingly interconnected digital environment. "It can take just one third-party supplier or service provider with a weakness in [its] IT (information technology) infrastructure," Siy said. "Some threat actors can take advantage of these exposed systems as an opportunity to infiltrate more critical [infrastructure]." Siy extended the warning to micro, small and medium enterprises that, in his assessment, lacked more robust cybersecurity systems due to their sizes and capabilities. "And with minimal cybersecurity awareness, they are also more vulnerable to phishing or smishing," Siy added. As businesses put the finishing touches on their strategies for the year, Siy expressed hope that increased efforts on cybersecurity was on the agenda. His call resonated with President Ferdinand "Bongbong" Marcos Jr.'s directive for the government, particularly the Department of Information and Communications Technology, to strengthen cybersecurity efforts for public agencies. "Beyond just awareness, we should all continue to augment cybersecurity capabilities when we can with the objective to always be one step ahead of threat actors," Siy continued. He explained that one of the best places to start "is by assessing your organization's digital infrastructure and the potential threats that your business is facing, and promoting a stringent Cybersecurity culture in the workplace." "It's important to regularly take stock of your capabilities to avoid being exposed and exploited," Siy concluded.