Supply Chain Attack: The Challenges and Misconceptions

Why Businesses in the Philippines Need a Better Understanding of Third-Party Rules
Keala Mae M. Bleza, junior partner, Gatchalian and Castro, and Mel Migriño, chairman and president, Women in Security Alliance Philippines

What's the best way to overcome lack of supply chain visibility? What are the privacy challenges of storing, transferring and allowing third parties to use personal data? Two experts - Mel Migriño, chairman and president of the Women in Security Alliance Philippines, and Keala Mae M Bleza, junior partner at Gatchalian and Castro - share their thoughts on how to navigate cybersecurity and regulatory issues across multiple countries and industries. Both Migriño and Bleza are part of the Women in Security Alliance Philippines.

See Also: Webinar | Enhancing Cyber Resilience and Regulatory Compliance for OT Systems APAC

"One of the challenges for companies would be to be able to balance their business interest versus complying with regulations. It starts with how the company or the business organization actually understands the meaning of protecting data versus how the law actually sees it," Bleza says.

One of the challenges facing many companies is understanding the restrictions on the flow of data, which means they refrain from asking customers for their personal information, Bleza says. These questions, however, should be asked since they are relevant to the business decisions. "So we have to close the gaps in misconception," Bleza says.

According to Migriño, disparate cybersecurity requirements are a major challenge, "including security protocols and architecture from one country to the other or even from one industry to the other. The other challenge is the lack of supplier readiness, awareness and resources for a sound cybersecurity program and the lack of awareness about supplier security requirements."

In this video interview with the Information Security Media Group, the two also discuss:

  • How to put the right policies in place;
  • Common misconceptions around supply chain and third-party relationships;
  • How to gain more visibility into your supplier's supply chain.

Migriño has more than 20 years of combined experience in information security management, cybersecurity governance, assurance and operations, application and infrastructure security, IT infrastructure management and operations, operational technology security and cloud security. She has worked across multiple industries, including financial services, technology and consulting, energy distribution, power generation and telecommunications.

In addition to her role at Gatchalian and Castro, Bleza is the data protection officer at Liberty Insurance Corp.

About the Author

Suparna Goswami

Suparna Goswami

Associate Editor, ISMG

Goswami has more than 10 years of experience in the field of journalism. She has covered a variety of beats including global macro economy, fintech, startups and other business trends. Before joining ISMG, she contributed for Forbes Asia, where she wrote about the Indian startup ecosystem. She has also worked with UK-based International Finance Magazine and leading Indian newspapers, such as DNA and Times of India.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.