RESEARCH

ABSTRACT

The study titled “Responsiveness of the Cyber Security Operation Center of the Philippine National Police to Data Breaches: Basis for Enhancement” evaluated how effectively the PNP CSOC addresses data breaches, the challenges it faces, and areas for improvement. Using a descriptive qualitative approach, the researchers gathered data from 45 PNP personnel through surveys and interviewed 5 CSOC staff. The investigation covered four major domains: Detection and Analysis; Mitigation, Isolation, and Recovery; Post-Incident Activity; and Prevention and Monitoring. Results showed that while real-time monitoring and machine-learning tools supported effective detection, issues such as high data volume, alert fatigue, complex threats, limited system visibility, and inadequate training remained. Mitigation and recovery protocols worked well for familiar threats but were less effective for emerging attacks, with delays in restoring systems and insufficient automation. Post-incident procedures lacked consistency due to missing standardized templates and limited time, though sharing insights and lessons learned was practiced. Prevention and monitoring strategies functioned adequately but required more advanced detection tools, regular updates, and stronger threat intelligence integration. Overall, the study found that although the PNP CSOC has a solid foundation, improvements in technology, training, policy development, procedures, and inter-agency cooperation are essential. Recommendations focused on upgrading cybersecurity tools, enhancing continuous training, formalizing protocols, strengthening threat intelligence sharing, and increasing resources.

KEYWORDS

Cyber Security Operation Center (CSOC), Data Breaches, Incident Response

CITATION

Sanico, M. B. (2025). RESPONSIVENESS OF CYBER SECURITY OPERATION CENTER OF THE PHILIPPINE NATIONAL POLICE TO DATA BREACHES: BASIS FOR ENHANCEMENT. GET INTERNATIONAL RESEARCH JOURNAL, 3(4), 189 202.
https://doi.org/10.5281/zenodo.17914026