The Philippines has emerged as a prime target for cyber attacks, with an increase in incidents related to malware, phishing, and password attacks. According to the latest report from Palo Alto Networks, a cybersecurity solutions provider, the country has witnessed the highest number of disruptive cyber attacks in the ASEAN region. 

Palo Alto Networks saw that 29% of local organizations in the Philippines reported experiencing a 50% or greater increase in cyber incidents. It also highlights that organizations in the country are particularly concerned about malware attacks (66%), phishing and spear-phishing attempts (63%), and password-related breaches (56%).

“Attackers are continually evolving, and many SMEs (small and medium enterprises) view security as a one-time effort, failing to update their security capabilities to match the evolving threat landscape,” said Steven Scheurmann, regional vice president for ASEAN, Palo Alto Networks.

Palo Alto Networks: Cybercriminals spread malware via PDF files
Palo Alto Networks discovers new version of malware targeting Facebook accounts

The survey, conducted online in April 2023, involved 500 corporate IT decision-makers and business leaders from across the region.

Digitalization

While digitalization has brought convenience and efficiency to both enterprises and consumers, it has also given rise to significant data security concerns. Digital transactions have become a particularly vulnerable attack surface, attracting cybercriminals’ attention as their primary target. The report reveals that digital transactions, whether web- or mobile-based, expose organizations to greater cyber risks (50%), risks associated with personal devices or home networks accessing corporate networks (49%), and the necessity to adopt a wider range of cybersecurity solutions (44%).

In the Philippines, many victims fell prey to malicious links in SMS or email messages. The proliferation of scam texts raised concerns within the government, leading to the enactment of the SIM Registration Act as an effort to mitigate future attacks.

In response to these growing concerns, businesses in the Philippines have prioritized strengthening their cybersecurity strategies.

Cybersecurity investments

The report highlights that 56% of local organizations discuss cybersecurity at the board level on a monthly basis. Also, 68% of Filipino businesses have increased their cybersecurity budgets, primarily driven by the rapid digitization of operations (53%) and the need to comply with new or evolving regulations demanding stricter data privacy measures (48%).

Organizations in the financial, banking, transportation, and logistics sectors in the Philippines have demonstrated confidence in their cybersecurity investments, acknowledging their susceptibility to cyber threats at any given time.

While 51% of Philippine-based organizations perceive themselves as being at high risk from cybersecurity threats, a striking 90% of local organizations express confidence in the security measures they have adopted. In contrast, small and medium-sized organizations feel comparatively less assured in dealing with cybersecurity challenges due to limited budgets and a shortage of in-house cybersecurity expertise.

“SMEs form the backbone of our economies in many parts of ASEAN, including the Philippines,” Scheurmann said. “It is imperative for them to update their security capabilities. An actionable incident response plan is the first step toward redefining their security strategy, along with a greater emphasis on automating existing cybersecurity processes to enhance resilience and confidence.”