Phishing and ransomware attacks are on the rise in the Philippines, posing serious threats to organizations in the country, according to a recent survey conducted by cybersecurity firm Fortinet. The survey, carried out by the IDC on behalf of Fortinet, highlighted the complex and evolving cybersecurity landscape in the Philippines, with phishing, ransomware, and insider threats being identified as major concerns.
The survey findings revealed that phishing and ransomware are the top cyber threats in the Philippines, with over 50% of respondent organizations expressing concerns about these types of attacks. Surprisingly, ransomware incidents have doubled since 2022, with 56% of respondents reporting a two-fold increase in 2023. The surge in attacks can be attributed primarily to phishing and malware, along with social engineering attacks, insider threats, and vulnerabilities in the Internet of Things (IoT).
The shift to remote work is seen as a significant factor contributing to the increase in cyber incidents, with 82% of respondents linking the rise to remote work arrangements. Insufficient training, lack of employee care, and communication gaps were also identified as contributing factors, highlighting the need to address human factors in cybersecurity.
The survey also highlighted the challenges faced by organizations in strengthening their security measures. Only 50% of businesses in the Philippines have dedicated IT resources for security teams, creating obstacles in implementing robust security measures. Additionally, alert fatigue is a significant challenge, with more than 50% of surveyed enterprises grappling with an average of 221 security incidents per day. Common alerts include suspicious emails (phishing) and malware or virus detections, emphasizing the urgent need for targeted training on phishing awareness.
SecOps professionals responsible for managing security alerts face time constraints, with an average of 44 alerts to address daily. This allows approximately 11 minutes per alert within an eight-hour workday. False positives also remain a persistent issue, with 74% of respondents indicating that at least 25% of the alerts they receive are false positives. The validation of alerts takes more than 15 minutes for 82% of teams, highlighting the need for automation to improve response times.
Despite these challenges, the survey revealed that a majority of organizations in the Philippines (94%) have embraced automation and orchestration tools in their security operations. However, there is still room for improvement in areas such as incident containment, remediation, recovery, and threat containment. Notably, automation has resulted in significant productivity gains for around 92% of respondents, with at least a 25% improvement in incident detection times.
Looking ahead, all organizations surveyed expressed their intent to implement automation and orchestration tools within the next 12 months, with a focus on response triage, incident containment, and recovery time. Fortinet concluded the survey by urging organizations to adopt a comprehensive approach to Security Operations (SecOps) to effectively address the dynamic cyber threats faced by the country.
The rising tide of phishing and ransomware attacks in the Philippines underscores the urgent need for organizations to strengthen their cybersecurity measures. By leveraging the power of artificial intelligence (AI) and automation, organizations can enhance incident detection, response times, and overall security resilience. The adoption of comprehensive SecOps strategies, targeted training for employees, and the implementation of automation tools will be crucial in mitigating the risks posed by evolving cyber threats.
