AI is no longer a future consideration—it’s an operational reality. More than nine in ten organizations across the Philippines are already using AI in their security environments. Enterprises are advancing from AI-powered detection to more sophisticated use cases such as automated response, predictive threat modelling, AI-driven incident response, AI-powered threat intelligence, and behavioural analytics.
These top five use cases highlight how detection has become standard, while response, prediction, and orchestration represent the next frontier.
Generative AI (GenAI) is also gaining traction, particularly for light-touch tasks such as running playbooks, updating rules and policies, detecting social engineering, writing detection rules, and guiding investigations. However, trust in autonomous AI remains limited. Use cases like auto-remediation and guided remediation are not yet widely deployed, signalling that the industry is still in the “co-pilot” phase of adoption.
AI skills redefining the security workforce
The shift toward AI-first cybersecurity is reshaping how teams are structured. Across the Philippines, the top cybersecurity roles in demand include security data scientists, threat intelligence analysts, AI security engineers, AI security researchers, and AI-specific incident response professionals.
Organizations are no longer just deploying AI tools—they are building teams around AI capabilities. This reflects a broader trend of the cybersecurity workforce evolving to match the pace of technological adoption.
Strategic investments: From infrastructure to intelligence
Cybersecurity budgets are trending upward, with nearly 80% of organizations reporting increases. However, these rises are modest: 44% reported an uplift of less than 5%, while 36% saw increases between 5–10%.
This suggests that while budgets are expanding, spending remains focused on addressing rising operational and talent costs. Organizations are carefully prioritizing how these limited funds are used.
The top five investment areas over the next 12–18 months include identity security, network security, SASE/Zero Trust, cyber resilience, and cloud-native application protection. This shift indicates a movement from infrastructure-heavy spending toward targeted, risk-based priorities that reflect the evolving threat landscape.
Teams remain under-resourced and overwhelmed
While cybersecurity is gaining executive attention, many teams remain under-resourced. Only 6% of an organization’s total workforce is dedicated to internal IT, and just 13% of that group focuses on cybersecurity. Fewer than one in six organizations have a standalone CISO, and only 6% have purpose-built teams for security operations and threat hunting.
This lack of specialization affects performance. More than half of respondents cited an overwhelming surge in threats, along with tool sprawl and talent retention challenges. Teams struggle with burnout and complexity, reinforcing the need for smarter resourcing and streamlined operations.
Consolidation and convergence become core strategies
As complexity increases, organizations are moving toward unified cybersecurity frameworks that deliver end-to-end visibility, operational efficiency, and simplified management. Nearly all respondents (96%) are either converging security and networking or evaluating how to do so.
Consolidation is no longer viewed as a cost-cutting measure—it’s a strategic necessity. Seventy percent of respondents are actively considering vendor consolidation, driven by benefits such as faster support, cost savings, better integration, and improved security posture.
Supporting quotes
Simon Piff, Research Vice-President, IDC Asia-Pacific, said:
“The findings reflect the growing maturity of cybersecurity across the region. Organizations are embedding AI across threat detection, incident response, and team design. This signals a new era of security operations that are smarter, faster, and more adaptive to evolving risks. AI is fundamentally reshaping how threats are identified, prioritized, and acted upon, demanding a parallel shift in cybersecurity strategy and talent.”
Bambi Escalante, Country Manager, Fortinet Philippines, said:
“CISOs across the Philippines are entering a more advanced phase of cybersecurity planning—one where AI not only augments defences but influences how organizations structure teams, allocate budgets, and prioritize threats. At Fortinet, we’re helping customers embrace this shift by embedding AI across our platform, enabling faster detection, smarter responses, and more resilient operations as cyber risks become more complex. As this complexity grows, so does the need for converged, intelligent, and adaptive security models.”
READ MORE TECH NEWS.
