The Philippines is becoming a prime target of disruptive cyber attacks across ASEAN as 29% of local organizations claim they have experienced over 50% increase in incidents, the highest in the region.
This is according to the 2023 State of Cybersecurity in ASEAN report which was conducted by Palo Alto Networks to 500 IT executives and senior business levels from Indonesia, Malaysia, Philippines, Singapore and Thailand from April 6 to 16, 2023. The online survey has 100 respondents for each market.
The top and persistent cybersecurity concerns of local businesses include malware as disclosed by 66% of respondents, phishing and spearphishing as well as AI-enabled phishing attacks as relayed by 63% of respondents and password attacks at 56%. The increasing number of digital transactions brought about by the growing reliance on cloud-based services and applications also challenged local organizations in cybersecurity, exposing 50% of them to more cyber risks; risks from personal devices and home networks accessing corporate networks are being faced by 49%; and the procurement of a wider array of cybersecurity solutions (44%).
Another cybersecurity challenge of local businesses is that 84% of them have developed a 5G strategy but are still concerned with securing 5G data and application layers primarily about vulnerabilities of IoT devices connected via 5G (46%); proper segmentation of 5G networks (45%); and threat visibility over 5G networks and IoT devices (45%).
Locally, there is a need to get IT/OT more collaborative together, as 36% of Philippine organizations are still adjusting their cybersecurity strategy to secure their IT/OT while 75% cited having common IT/OT cybersecurity team for enhanced security posture and quicker responses. Organizations that are strategizing for IT/OT security comprise 36% while those which undertake service recovery after a cyber attack comprise 32% only, the lowest in ASEAN.
The study also revealed cybersecurity remains a top priority in the boardroom. Local businesses, comprising 56%, shared that cybersecurity is discussed at a board level on a monthly basis, similar to last year. This has resulted to the hike in the allocation of cybersecurity budget with 68% of Filipino businesses increasing their budget for 2023 for digitalization purposes (53%), and stricter data privacy laws (48%).
The hike in budget allocation signifies better security outlook as 44% of local organizations are looking at cloud adoption, and identity access and management as equally most preferred strategy to combat cyber attacks, while security orchestration, automation and response (SOAR) strategy for security operations centers is being cited by 41% of Filipino respondents. Organizations with OT, including essential services (at 75%), embraced unified IT/OT cybersecurity teams to enhance their security posture and facilitate quicker responses.
Another top cybersecurity strategy that local businesses are looking into is AI integration (machine learning, predictive analytics, voice recognition, and sentiment analytics) in the next one to two years, as relayed by 54% of local respondents.
“AI is important to serve the Philippines and to have a better security posture, orchestration is key. At the same time, private companies and the government should look into consolidation using platform-based approaches to build their security architecture and strategy,” said Oscar Bisaya, country manager for the Philippines at Palo Alto Networks.