Jeff Castillo works for a company that generates revenues from defending businesses and individuals against hackers and other cybercriminals.
Castillo says he enjoys his job as the Philippines country manager of Fortinet, a US-based network security provider, as the competition between hackers and network security providers redefines the IT sector.
He faces constant challenges as hackers become more sophisticated. “As we innovate our strategies, tools and systems, the enemies [hackers] will also become much more intelligent,” he says.
A cyber threat assessment program released by Fortinet shows that automated attack systems, botnets and malware are the most prominent threats affecting an organization’s network security and performance today.
The rampant use of social media, video streaming and advertising exposes corporate data to many risks such as social engineering, malware and malvertising, he says. Financial services, education and healthcare are the most vulnerable industries to security risks.
Fortinet revealed an average of 81,000 attempted attack events per organization and said nearly one in six organizations had undetected botnets. “With the lucrative gains that come with these institutions, expect more malicious activities will be done against them,” says Castillo.
Other cybersecurity companies agree that attacks are becoming more prevalent because of rapid technological changes.
Nerisse Ramos, ePLDT Group chief operating officer, says IT security in general, and lately with special focus on cyber security, has become a very big concern among organizations because of the recent data breaches and hacking incidents. “Many seek to implement some form of IT security solution or strengthen their existing IT security framework but at some point, are held back by a number of challenges,” says Ramos.
“The threat of cyber attacks risks enterprises from actualizing their potential growth. We do think that everyone is very much aware of the need to secure their enterprises; the education comes in finding and implementing the best practices tailored for the organization’s needs,” says Nico Alcoseba, head of PLDT’s disruptive business group.
Jobert David, technical director of F5 Networks Philippines, says that in Asia alone, digital banking consumers are expected to reach 1.7 billion by 2020. “While all of this translates into ultra-convenience for consumers, it has also presented fraudsters with a multichannel digital playing field to operate in,” David says.
David says what started out as ‘Nigerian email scams’ has now evolved into highly complex, targeted operations that rake in billions of illegally gained dollars. “Attacks now come in all forms—from web fraud, DDOS attacks and POS intrusions, to crimeware, malware and cyber espionage,” he says.
David says one major issue faced by banks in Asia Pacific is the prevalence of malware designed to target them and their customers. In the first three months of 2016, new variants of the financial Trojan, Tinbapore and new Gootkit campaigns were found to target banks and financial organizations in Asia, he says.
“Cybercrime is one of the greatest threats to any business, as the slightest oversight could result in financial catastrophe,” says David.
Kaspersky Lab, another security solutions provider, says crypto-ransomware, which encrypts data on users’ systems, has become a huge problem for cybersecurity over the last few years. It has become so widespread that it could easily be called an epidemic, it says.
Kaspersky Lab says over a period of 24 months, the total number of users encountering any type of ransomware increased 17.7 percent from 1.97 million worldwide in 2015 to 2.32 million in 2016 . The number of users attacked with crypto-ransomware rose 5.5 times, from 131,111 in 2015 to 718,536 in 2016.
Kaspersky Lab says while the Philippines is not among the top 10 most attacked countries, the number of crypto-ransomware attacks against Filipino users reached 10,414 covering the period April 2015 to March 2016.
“These figures uncover the reality that the threat of crypto-ransomware exists not only in developed countries but also in emerging nations like the Philippines. Kaspersky Lab strongly suggests not to pay ransom but most of all, every Filipino must be cyber-savvy enough to avoid this kind of stealthy and costly threat,” says Anthony Chua, territory channel manager for the Philippines and Singapore at Kaspersky Lab Southeast Asia.
Castillo says Fortinet is doing every effort to optimize its products’ and services’ performance. Castillo is tasked to grow Fortinet’s market share and mindshare by engaging service providers and enterprises of all sizes in the Philippines.
Castillo says his background in computer engineering helped him become a cybersecurity professional. “I graduated from PUP [Polytechnic University of the Philippines] in 1995 with a degree in BS Computer Engineering. I started my career as a software/technical point person and eventually focused on discovering the ins and outs of IT and sales,” he says.
He has extensive industry knowledge and selling experience in providing end-to-end hardware and software solutions to key verticals. He also has a solid foundation in technology implementations, having been a technical engineer at the start of his career.
Castillo joined Fortinet in October 2009 from systems integrator Leverage Systems Technologies, where he was sales and marketing director of the infrastructure division for more than 10 years.
“With my rich experience in the industry, I am now part of Fortinet Philippines as its country manager, helping companies intelligently protect their network,” says Castillo, who remains a bachelor, with 20 years of combined work experience in the IT industry.
Fortinet started its operations in 2004 in the Philippines, but the local office was established in 2010 at Fort Bonifacio, Taguig.
“Our customers range from the largest telecom carriers and government organizations to the most demanding banks and stock exchanges, to healthcare providers, educational institutions, retailers and SMEs,” says Castillo.
“We compete with several other global and Asian network security vendors but none of them can match the performance or end-to-end capabilities of our solutions. We have also enjoyed top market share in the Philippines, according to Frost & Sullivan market research data for many quarters,” says Castillo.
He says being a country manager and IT professional carries with it a myriad of challenges. “As long as you are willing to take on those challenges and discover ways to go around it, you will be able to achieve your ambitions—whether you’re opting to become an IT professional or looking forward to verge into a different profession,” he says.
“More importantly, you must have the ingredients of success—dedication, honesty, perseverance and love for your career. Take advice from people who know better and are more experienced in the path you’re going to take, because one day, that could be you,” he says.
“Many people think too much about the risks involved in doing something, while in fact, the risk of not doing anything could be bigger. Assuming someone has an idea about a new product or concept, he can go about starting a prototype and try to market the product. The risk of that involves spending the effort and money, etc. However, if he decides to stay put, the risk of that could be that he misses the big opportunity to build a great company,” he says.
“Be excited about new things, continuously learn more about your craft, and go out of your comfort zone. Discover, then be discovered,” he says.
Castillo says he would like to pass on his knowledge to other people. “On my retirement age, I probably would venture into consultancy to still pass on what I’ve learned during my working years,” he says.
COMMENT DISCLAIMER: Reader comments posted on this Web site are not in any way endorsed by The Standard. Comments are views by thestandard.ph readers who exercise their right to free expression and they do not necessarily represent or reflect the position or viewpoint of thestandard.ph. While reserving this publication’s right to delete comments that are deemed offensive, indecent or inconsistent with The Standard editorial standards, The Standard may not be held liable for any false information posted by readers in this comments section.