Millions Connected, Millions at Risk: Why the Philippines Must Close Its Cybersecurity Gap Now

The Philippines continues to make significant strides in digital transformation. More Filipinos than ever are using smartphones, online banking platforms, e-commerce services, digital payment systems, social media, and government online services as part of their daily lives. This growing digital ecosystem has created new opportunities for economic growth, innovation, and convenience. However, recent data suggests that while connectivity is accelerating, cybersecurity awareness and preparedness are struggling to keep pace.

According to findings from the Philippine Statistics Authority (PSA), only 33.4 percent of Filipinos aged 10 years and older are aware of cybersecurity and data privacy issues. Even more concerning, approximately 24.28 million ICT device users, representing 62.5 percent of users nationwide, experienced at least one cybersecurity incident in 2024.

These figures reveal a critical challenge facing the country. The rapid adoption of digital technologies has expanded access to information and services, but it has also expanded opportunities for cybercriminals. As more personal, financial, and business activities move online, the consequences of poor cybersecurity awareness become increasingly significant.

Among the most common threats identified was SMS fraud, affecting more than half of all cybersecurity victims. Modern scams have evolved far beyond simple spam messages. Threat actors now leverage sophisticated social engineering tactics, impersonation schemes, fake websites, and fraudulent payment requests designed to exploit trust and create urgency. In many cases, a single click on a malicious link can result in financial loss, account compromise, or exposure of sensitive personal information.

Perhaps even more alarming is the finding that only 1.9 percent of victims reported cybersecurity incidents to authorities. This suggests that millions of affected individuals may not know where to seek help, may lack confidence in reporting mechanisms, or have accepted cybercrime as an unavoidable part of modern life. Unfortunately, underreporting allows cybercriminals to continue operating with limited visibility and accountability.

The issue extends beyond individual users. Businesses, government agencies, educational institutions, and critical infrastructure operators all face increasing cyber risks. As organizations continue to embrace cloud computing, digital services, artificial intelligence, and remote work environments, cyber resilience must become a strategic priority rather than an afterthought.

Building a secure digital future requires a coordinated effort from all sectors of society. Government agencies must continue investing in cybersecurity education, public awareness initiatives, stronger enforcement capabilities, and modern digital infrastructure. Educational institutions can help by integrating cybersecurity fundamentals into learning programs, ensuring future generations understand how to navigate digital environments safely.

The private sector also plays a vital role. Financial institutions, telecommunications providers, e-commerce platforms, and technology companies must continue strengthening fraud detection capabilities, improving incident response procedures, and enhancing customer education programs. Trust remains one of the most valuable assets in the digital economy, and cybersecurity is essential to maintaining that trust.

At the individual level, simple security practices can make a significant difference. Using strong passwords, enabling multi-factor authentication, verifying links before clicking, and reporting suspicious activities are practical steps that help reduce exposure to cyber threats.

The PSA findings should serve as a wake-up call for the entire nation. Digital transformation offers tremendous benefits, but those benefits can only be fully realized if cybersecurity grows alongside technology adoption. A connected society without adequate cyber awareness creates opportunities for attackers and risks for citizens, businesses, and government institutions alike.

At Directpath Global Technologies (DGT), we believe cybersecurity is not just about deploying technologyit is about building resilience. As a Managed Security Service Provider (MSSP), DGT helps organizations strengthen their security posture through Managed Threat Detection (MTD), Extended Detection and Response (XDR), Vulnerability Assessment and Penetration Testing (VAPT), Next-Generation Firewall (NGFW) solutions, SOC 2 readiness support, Vulnerability Risk Management as a Service (VRMaaS), Web Application Firewall (WAF) protection, vCISO advisory services, and OT Security solutions. Through our Advanced Artificial Intelligence Division, we also help organizations leverage AI-driven capabilities to enhance cybersecurity, improve operational efficiency, and support broader business objectives.

The Philippines has made remarkable progress in embracing digital technologies. The next challenge is ensuring that cybersecurity awareness, preparedness, and resilience advance at the same pace. Until cybersecurity becomes part of everyday culture, millions of Filipinos will remain connected but vulnerable. Source: Manila Bulletin