AI is transforming cybercrime — and the Philippines is feeling the pressure.
Cyberattacks across the Philippines are growing not just in number, but in speed, stealth, and sophistication — and Artificial Intelligence (AI) is driving that change. A new IDC survey commissioned by cybersecurity leader Fortinet paints a stark picture of how AI is reshaping the threat landscape, leaving many organizations overwhelmed and underprepared.
According to the survey, 78% of Philippine organizations reported encountering AI-powered cyber threats over the past year. More than a quarter of them say these attacks have tripled in volume.
These threats range from deepfake-driven business email compromise (BEC) scams and AI-enabled social engineering to data poisoning, polymorphic malware, and automated reconnaissance of vulnerable systems. What makes these attacks especially dangerous is their ability to evade traditional security tools — often exploiting human behavior, misconfigurations, or identity loopholes.
“Complexity is now the new battleground in cybersecurity—and AI is both the challenge and the frontline defense,” said Bambi Escalante, Country Head of Fortinet Philippines. “As threats grow quieter and more coordinated, Fortinet is helping organizations stay ahead with a unified, platform-based approach that brings together visibility, automation, and resilience.”
Detection gaps widen as AI outpaces defenses
While the AI-fueled threat surge is alarming, the survey also reveals deep detection and response gaps. Only 9% of respondents in the Philippines said they are “very confident” in their ability to defend against these AI threats. Nearly one in five organizations admit they have no way to detect such attacks at all.
“Organizations are facing a surge in stealthy, complex threats—from misconfigurations and insider activity to AI-enabled attacks—that bypass traditional detection methods,” said Simon Piff, Research Vice-President at IDC Asia-Pacific. “Reactive security is no longer enough—predictive, intelligence-driven operations must become the norm.”
Worse, the threat environment isn’t limited to high-profile incidents. The survey shows that modern cybersecurity is now a constant risk environment. Among the most common threats reported: ransomware (66%), software supply chain attacks (62%), cloud vulnerabilities (58%), and insider threats (56%).
But the threats with the greatest business impact are often quieter and harder to detect. Unpatched and zero-day vulnerabilities, insider threats, and cloud misconfigurations topped the list of most disruptive risks.
Human and operational blind spots add to the risk
Despite the rise in sophisticated attacks, cybersecurity resources in the Philippines remain stretched thin. The average organization allocates only 7% of its workforce to IT, and just 13% of that to cybersecurity — which translates to less than one cybersecurity professional for every 100 employees.
Only 15% of firms reported having a dedicated Chief Information Security Officer (CISO), and just 6% have specialized threat-hunting or security operations teams.
Overwhelming threat volumes (54%), difficulty hiring and retaining skilled personnel (52%), and tool sprawl (44%) are top pain points. These pressures are contributing to burnout and inefficiencies, further widening the gap between threats and response.
Security investments rise, but not fast enough
Encouragingly, cybersecurity budgets are increasing — nearly 80% of organizations in the Philippines reported some level of investment growth. However, most increases remain under 10%, raising concerns that spending isn’t keeping pace with risk.
Budgets are also shifting away from hardware-heavy purchases toward strategic areas such as identity and access security, zero trust architectures, and cyber resilience. Still, critical areas like OT/IoT security, DevSecOps, and cybersecurity training remain underfunded, exposing major vulnerabilities in operational and human layers.
“As cyber threats grow more covert and coordinated, we’re seeing a clear shift in how organizations approach cybersecurity investment,” said Rashish Pandey, Vice President of Marketing and Communications for Asia & ANZ at Fortinet. “The focus is moving beyond infrastructure to more strategic areas like identity, resilience, and access. Our platform brings the scale, intelligence, and simplicity needed to adapt and thrive in this new reality.”
Simplification and integration are key to resilience
A clear trend is emerging: organizations are accelerating the convergence of networking and security to simplify operations and improve visibility. In the Philippines, 96% of organizations are already consolidating or evaluating consolidation options. About 70% are actively on that journey.
But challenges remain. Nearly half of respondents cited tool management as a major pain point — not because of the number of tools, but due to their lack of integration.
“Speed, simplicity, and strategy matter more than ever,” said Escalante. “Our focus is on helping customers shift from piecemeal defenses to AI-powered security that’s built for scale and sophistication.”
The top benefits organizations seek from vendor consolidation include faster support (59%), better integration (53%), cost savings (53%), and improved security posture (51%).
From reactive to predictive: The future of cyber defense
The findings underscore a pivotal shift in cybersecurity: organizations must move from reactive to proactive strategies, with AI-powered defenses at the core.
The message is clear: AI may be fueling a new generation of stealth cyber threats — but it can also be the key to fighting them. Forward-thinking organizations are already adapting, consolidating tools, and rethinking their security from the ground up. For the rest, the window to act is narrowing.
READ MORE AI NEWS.
