Got a question? Call 02 8286 9429   |   
Contact usCheckoutContact us
Cyber Security Category

Boosting Government Cyber Security: The Impact of ISC2 CLSSP Certification in COMELEC

By Chloe Villanueva | 19 December 2024

Imagine this: You are responsible for developing software systems to manage the information of 68.6 million voters in the Philippines. (According to the COMELEC, this is the number of registered voters in the country ahead of the 2025 Elections.) So, how do you arm yourself and your team with the skills to protect this massive amount of data and mitigate potential cyber threats?

LW PH Blog - Boosting Government Cyber Security: The Impact of ISC2 CLSSP Certification in COMELEC


The solutions are often simple, but can only be discovered through cyber security training, experience, and a deep understanding of industry standards. Training empowers you and your team to protect your systems and data confidently.

Creating a software product is a big, complicated project that leaves you vulnerable to numerous security risks. Cyber attacks, data leaks, and malware all require proper countermeasures. So, for any software development undertaking, security is essential at each phase.

The necessity of security in software development is more pronounced in government operations. And for the Philippine Commission on Elections (COMELEC), this need could not be more apparent. Having the right skills and knowledge plays a role in ensuring the integrity, reliability, and transparency of the electoral process.

In this learner story, a student from COMELEC discusses her experience of attending ISC2 CSSLP training with DDLS Aboitiz, trading as Lumify Work Philippines. She shares how the training gave her plenty of insights on how to improve the implementation of security in their organization.

Secure Software Development Training and the NSCP

Boosting capabilities through cyber security training is a government mandate. In fact, the national budget for 2024-2025 reflects a substantial commitment to cyber security, with specific allocations dedicated to initiatives that include:

  • General Department of Information and Communications Technology (DICT) Budget Appropriation: For 2025, the government has allocated PHP 7,840,559 to the DICT.

  • Cybercrime Investigation and Coordination Center (CICC) 2025 Budget: PHP 487,119,000 has been allocated to prevent, suppress, and prosecute cybercrime.

  • Cybercrime Prevention, Investigation and Coordination Program 2025: PHP 357,484,000 has been set aside for this program. The initiative also has a target of handling, monitoring, and assisting 3,500 cybercrime cases by 2025.

This budget allocation is supported by the National Cyber Security Plan (NCSP) 2023-2028. The NCSP is an extensive plan by the Philippine government that seeks to address the country's growing cyber security challenges. The plan aims to achieve three main outcomes:

  • Proactive security and protection in cyberspace

  • Enhanced cyber security workforce capabilities

  • Improved cyber security policy framework


Within public sector agencies, the NSCP calls on leaders to offer government-funded cyber security training to staff through learning providers like DDLS Aboitiz, trading as Lumify Work Philippines. This helps develop internal talent who can roll out better policies and implement more robust security systems.

The goal is to avoid further incidents like the data breach of 1 million records from law enforcement agencies in 2023 or the 2024 hacking that compromised 2 terabytes of government-funded scientific research.

Specific to Secure Software Development Life Cycle (SDLC), training like the ISC2's CSSLP aligns with all three NCSP outcomes by empowering CIOs, CISOs, Security Analysts, Security Managers, Architects and Engineers in government agencies.

With an awareness of international best practices and the right skills and knowledge, they can strengthen our country's cyber security posture and develop better cyber security policies.


The CCSLP Student Experience

Secure software certification training like ISC2's Certified Secure Software Lifecycle Professional (CSSLP®) helps analysts in government agencies comply with data privacy laws like the Philippine Data Privacy Act of 2012.

LW PH Blog - Boosting Government Cyber Security: The Impact of ISC2 CLSSP Certification in COMELEC

One of our learners, Carmela M. Abiad, works in the Commission on Elections (COMELEC) under the designation of Computer Programmer. She talked about her experience attending the five-day CSSLP training through DDLS Aboitiz, trading as Lumify Work Philippines.

She describes her role as a Systems Analyst tasked to study and design system applications developed internally. She shares that her job is to ensure that the developed system is secure and satisfies the requirements of the end-users.

  • Why did you join our CSSLP training?
    I joined because it aligned with our organization's objectives. It was part of an initiative in our department to ensure that we are providing secure, and quality services. These services include our in-house system development projects.

  • What was your training experience like?
    It was a good experience. Our trainer is friendly and helpful. I learned a lot and look forward to my next training session with Lumify.

  • Any key takeaways from the training that stuck with you even today?
    That security is a crucial part in system development and that it should always be present in every phase. Also, security does not need to be expensive because there are other cost-effective and efficient methods. Lastly, security must not be too complex. Sometimes, simple is better.

  • How has the training impacted your work?
    It makes me want to improve the implementation of security in our organization, adapting what we learned in the training.

  • How has the training impacted the business?
    My team and I have an awareness of current international standards. We understand how security must be well-planned and how we need to ensure that it is properly implemented and executed.

Carmela adds that while she received training previously, she found that the courses offered in Lumify were a better fit for their organization's needs. This could be in terms of the skills gaps they aim to close, the short time required (1–5-day courses vs months-long programs), the up-to-date course materials available and the industry-leading certifications they can gain, among other factors.

She also put a special mention for our Lumify trainers like Louis Cremen and Chris Evans, and our campus in BGC, Taguig, Metro Manila:

"I would definitely recommend Lumify because they offer good courses. The training facility is conducive to training, and the instructors have in-depth knowledge of the topic."

Fast facts about CCLSP training

ISC2's Certified Secure Software Lifecycle Professional (CSSLP®) is a five-day course focusing on the best security practices for the software development lifecycle (SDLC).

Through the course, students can gain core knowledge and learn the best security practices for the software development lifecycle (SDLC).

CSSLP certification recognizes leading application security skills. It validates a professional's advanced knowledge for authenticating, authorising and auditing throughout the SDLC using best practices, policies and procedures.

Please note: As with most ISC2 courses, the CSSLP exam is not included in the course fee but can be purchased separately.

Here's a quick glance at some CCSLP prerequisites, topics covered in the training, and government organizations that approve of it.

  • 4 Years’ Work Experience Required
    Professionals looking to become CCLSP certified by sitting the exam require at least four years of cumulative, paid work experience as a software development lifecycle professional in one or more of the eight domains of the ISC2 CSSLP Common Body of Knowledge. A candidate who doesn’t have the required experience to become a CSSLP may become an Associate of ISC2 by successfully passing the CSSLP exam. An Associate of ISC2 can then accumulate the necessary work experience to achieve full certification.

  • Eight Domains Covered
    Training and exams will cover Secure Software Concepts, Secure Software Lifecycle Management, Secure Software Requirements, Secure Software Architecture and Design, Secure Software Implementation, Secure Software Testing, Secure Software Deployment, Operations, Maintenance and Secure Software Supply Chain.

  • ANAB Accredited
    The CSSLP meets the stringent requirements of ANSI/ISO/IEC Standard 17024.

  • Government Sector Approved
    CSSLP training is approved by Government and Defense agencies worldwide, including the United States Department of Defense.

More ISC2 courses from Lumify Work Philippines

Professionals in the public and private sectors can advance their cyber security skills with our range of ISC2 training courses. ISC2 is the world’s leading cyber security and IT security professional organization. With more than 168,000 certified members, it empowers professionals who touch every aspect of information security.

LW PH Blog - Boosting Government Cyber Security: The Impact of ISC2 CLSSP Certification in COMELEC

Lumify Work is one of only a few, select cyber security training providers in the Asia Pacific that offer official ISC2 courseware and materials. By choosing authorised training, you are guaranteed the latest in defense strategies and content mapped directly to the exam.

Please note: For most ISC2 courses, the exam is not included in the course fee but can be purchased separately.

  • Certified in Cybersecurity (CC) - One-Day Workshop - Validate that you have the foundational knowledge, skills and abilities necessary for an entry- or junior-level cyber security role.

  • Certified Cloud Security Professional (CCSP®) - Through this five-day workshop, you can gain core knowledge and experience in cloud security design, implementation, architecture, operations, controls, and compliance with regulatory frameworks.

  • Certified in Governance, Risk and Compliance (CGRC®) - This five-day course offers cyber security professionals the knowledge and skills to integrate governance, performance management, risk management and regulatory compliance within the organization while helping the organization achieve objectives, address uncertainty and act with integrity.

  • Certified Information Systems Security Professional (CISSP®) - This five-day CISSP course is the most comprehensive review of information security concepts and industry best practices. It focuses on the eight domains of the CISSP CBK® (Common Body of Knowledge) that are covered in the CISSP exam. Gain knowledge in information security to help increase your ability to successfully implement and manage security programs in any organization or government entity.

  • Systems Security Certified Practitioner (SSCP®) - Through this five-day course, you can learn to successfully manage security administration and operations and prepare for the Systems Security Certified Practitioner (SSCP®) certification.

Ready to get started on your journey to cyber resilience? Talk to our team about cyber security training today or download our “Meeting the Cyber Security Challenge For 2023 and Beyond” eBook.


Feature Articles


eBook
Drive Innovation with IT Service Management Training
11 December 2023
Read
eBook
Get your teams up-to-speed with ITIL® 4
22 May 2024
Read
eBook
Elevate your business and career to new heights
22 May 2024
Read
Blog
The Philippines' National Cyber Security Plan 2023-2028: Roadmap to Cyberspace Resilience
By Justin Luna | 28 August 2024
Read
Blog
2024-2025 Government Budget: Focusing investment in cyber security skilling
By Jeremy Daly | 1 July 2024
Read