Cybersecurity firm Fortinet has released findings from a recent survey warning of emerging phishing and ransomware threats to Philippine organizations.
The findings also underscored the significance of artificial intelligence (AI) and automation in the evolving cybersecurity landscape.
The survey, conducted by the IDC on Fortinet’s behalf, looked at the current state of Security Operations (SecOps) in the Asia-Pacific region, including the Philippines. It underscored the country’s complex and evolving cybersecurity landscape, with phishing, ransomware, and insider threats posing significant dangers.
The survey revealed that phishing and ransomware are the top cyber threats in the Philippines, causing concerns for over 50% of respondent organizations. Ransomware incidents have surprisingly doubled since 2022, with 56% of respondents reporting a two-fold increase in 2023.
This surge is primarily attributed to phishing and malware, along with social engineering attacks, insider threats, and vulnerabilities in the Internet of Things (IoT).
As much as 82% of respondents attribute the rise in such incidents to the shift to remote work. Insufficient training, lack of adequate employee care, and communication gaps were also seen to contribute to this surge, highlighting the need to address human factors in cybersecurity.
Yet the survey found that only 50% of businesses in the Philippines have dedicated IT resources for security teams, posing challenges in strengthening security measures.
So-called “alert fatigue” or too many cybersecurity alerts is also a significant challenge, with more than 50% of surveyed enterprises facing an average of 221 incidents per day.
The top alerts include suspicious emails (phishing) and malware or virus detections, emphasizing the urgent need for targeted training on phishing awareness.
SecOps professionals, managing about 44 alerts daily, face time constraints, allowing approximately 11 minutes per alert within an eight-hour workday.
False positives remain a persistent issue, with 74% of respondents noting that at least 25% of the alerts they receive are false positives. The validation of alerts takes more than 15 minutes for 82% of teams, underscoring the need for automation in improving response times.
Despite these challenges, a significant majority (94%) of organizations in the Philippines have embraced automation and orchestration tools in their security operations.
The survey suggests that organizations have yet to fully harness the complete potential of these technologies, identifying opportunities for improvement in areas such as incident containment, remediation, recovery, and threat containment.
Notably, around 92% of respondents have experienced significant productivity gains, with at least a 25% improvement in incident detection times attributed to automation.
Looking ahead, 100% of organizations express their intent to implement automation and orchestration tools within the next 12 months, focusing on response triage, incident containment, and recovery time.
Fortinet concluded by urging organizations to adopt a comprehensive approach to SecOps to navigate the dynamic cyber threats faced by the country.
