AI Adoption in Cybersecurity Surges Across the Philippines: 92% Already Using It

Fortinet, the global cybersecurity leader driving the convergence of networking and security, today announced the findings of a 2025 IDC survey highlighting how organizations across the Philippines are adopting AI as the frontline of their cyber defence strategy. The IDC study, commissioned by Fortinet, reveals that AI has moved beyond hype to become a critical enabler of speed, accuracy, and scale in security operations, and is now shaping hiring priorities, investment strategies, and the architecture of modern cybersecurity teams.

AI’s Growing Influence on the Cyber Landscape

AI is transforming both sides of the cybersecurity equation. For defenders, it offers the potential to automate detection, accelerate response, and scale threat intelligence with unprecedented speed. But the same capabilities are now being leveraged by attackers, who are using AI to launch stealthier, faster, and more adaptive attacks. According to the IDC Study, nearly 78% of organizations across the Philippines say they have encountered AI-powered cyber threats in the past year. Of those, 64% reported a 2X increase and 28% reported a 3X increase in threat volume. These attacks are harder to detect and often exploit blind spots in visibility, governance, and internal processes. 

AI Adoption Accelerates from Pilot to Production

AI is no longer a future consideration; it's an operational reality. More than nine in ten organizations across The Philippines are already using AI in their security environment.  Organizations are rapidly progressing from AI-powered detection to more advanced use cases such as automated response, predictive threat modelling, AI-driven incident response, AI-powered threat intelligence, and behavioural analytics. These top five use cases reflect how detection has become table stakes, while response, prediction, and orchestration are now the next frontier.

GenAI is also gaining traction, with adoption focused on light-touch tasks such as running playbooks, updating rules and policies, social engineering detection, writing detection rules, and guided investigations. However, trust in autonomous action remains limited. Use cases like auto-remediation and guided remediation are not widely deployed, signalling that we are still in the "co-pilot" phase of adoption.

AI Skills Redefining the Security Workforce

The shift toward AI-first cybersecurity is also reshaping how teams are built. Across the Philippines, the top five cybersecurity roles in demand include security data scientists, threat intelligence analysts, AI security engineers, AI security researchers, and AI-specific incident response professionals. Organizations are no longer just deploying AI tools; they are building their cybersecurity teams around AI capabilities. This reflects a broader trend where the workforce is rapidly evolving to match the pace of technological adoption.

Strategic Investments: From Infrastructure to Intelligence

Cybersecurity budgets are trending upward, with nearly 80% of organizations reporting an increase. However, these increases were modest, 44% reported an uplift of less than 5%, and only 36% saw increases between 5–10%. This suggests that while budgets are growing, spending remains focused on covering rising operational and talent costs.  Organizations appear to be carefully prioritizing how and where these limited increases are deployed. The top five areas of investment over the next 12–18 months include identity security, network security, SASE/Zero Trust, cyber resilience, and cloud-native application protection, indicating a strategic shift from infrastructure-heavy spending toward more targeted, risk-centric priorities that reflect the evolving threat landscape.

Teams Remain Under-Resourced and Overwhelmed

While cybersecurity is gaining executive attention, many teams remain under-resourced and lack dedicated focus. Only 6% of an organization's total workforce is allocated to internal IT, and just 13% of that is focused on cybersecurity. Less than one in six organizations have a standalone CISO, and only 6% have purpose-built teams handling Security operations and threat hunting.

This lack of specialization is impacting performance. More than half of the respondents cited an overwhelming surge in threats, with additional pressures from tool sprawl and talent retention challenges. Execution suffers as teams struggle with burnout and complexity, reinforcing the need for smarter resourcing models.

Consolidation and Convergence Become Core Strategies

As complexity grows, organizations are shifting toward unified cybersecurity frameworks that deliver end-to-end visibility, operational efficiency, and simplified management. Nearly all respondents (96%) are either converging security and networking or evaluating how to do so. In addition, Consolidation is no longer viewed as just a cost-cutting measure, it's seen as a strategic necessity. 70% of respondents are actively considering vendor consolidation, driven by benefits like faster support, cost savings, better integration, and improved security posture.

Supporting Quotes

Simon Piff, Research Vice-President, IDC Asia-Pacific, said:
“The findings of this survey reflect the growing maturity of cybersecurity across the region. Organizations are no longer experimenting with AI, they are embedding it across threat detection, incident response, and team design. This signals a new era of security operations that is smarter, faster, and more adaptive to the evolving risk landscape. AI is fundamentally reshaping how threats are identified, prioritized, and acted upon, and this evolution demands a parallel shift in cybersecurity strategy and talent.”

Bambi Escalante, Country Manager, Fortinet Philippines, said:
“CISOs across the Philippines are entering a more advanced phase of cybersecurity planning—one where AI is not just augmenting defences but influencing how organizations structure teams, allocate budgets, and prioritize threats. At Fortinet, we are helping customers embrace this shift by embedding AI across the platform, enabling faster detection, smarter responses, and more resilient operations as cyber risks become more complex and distributed. As this complexity grows, so does the need for converged, intelligent, and adaptive security models that can keep pace.”

Fortinet Unveils New AI-Powered Workspace Security Suite to Protect the Modern Enterprise

 Fortinet® (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, today announced enhancements to its data and productivity security portfolio, expanding FortiMail with the launch of the FortiMail Workspace Security suite. These new capabilities establish FortiMail as the broadest and most customizable email security platform and extend protection beyond email to include browser and collaboration security. These advancements, combined with new features in FortiDLP, Fortinet’s next-generation data loss prevention (DLP) and insider risk management solution, deliver a unified, AI-powered approach to safeguarding users and sensitive data across today’s dynamic work environments.

“In today’s evolving threat landscape, securing user productivity and sensitive data requires a unified strategy that considers both outsider threats and insider risks,” said Nirav Shah, Senior Vice President, Products and Solutions at Fortinet. “Cybercriminals are aiming their efforts right at users and increasingly leveraging tools like FraudGPT, BlackmailerV3, and ElevenLabs to automate the creation of malware, deepfake videos, phishing websites, and synthetic voices—making attacks more scalable, convincing, and difficult to detect. With our expanded AI-powered FortiMail Workspace Security suite and FortiDLP solutions, Fortinet empowers organizations to stay ahead of threat actors and insider risks while ensuring users, data, and productivity remain secure.”

AI-Powered Defense for Communication, Collaboration, and Data Security

Today’s hybrid workforce relies heavily on SaaS and collaboration tools, increasing both productivity and the attack surface. As users interact with sensitive data across these platforms, organizations must address threats to both users and data in tandem. The 2025 Fortinet Global Threat Landscape Report highlights the rise of AI-enabled cybercrime, with attackers using automation to launch more convincing phishing, impersonation, and account takeover campaigns. 

Fortinet’s enhanced workspace security solutions meet this challenge head-on with AI-powered protection across email, browsers, and collaboration environments, defending against external and internal threats wherever work happens. This spans the full spectrum of user interactions and data movement across the digital workspace:

Email security, evolved: With the acquisition and integration of Perception Point—recognized as a Visionary in the 2024 Gartner® Magic Quadrant™ for Email Security1—Fortinet has significantly expanded the capabilities of the FortiMail email security platform, establishing it as the industry’s broadest and most customizable solution. FortiMail can address any email security needs, including inbound, outbound (including relays), and internal mail protection, with flexible deployment options across appliances, virtual machines, hosted services, and SaaS. It offers multiple operating modes—gateway, server, ICES, and hybrid—and features both a highly configurable UI and a streamlined SaaS experience. 

Extending security to collaboration tools: The FortiMail Workspace Security suite expands protection beyond email to web browsers and collaboration tools, enabling organizations to stop sophisticated threats across platforms like Microsoft 365 and Teams, Google Workspace, and Slack. It blocks evasive web-based attacks, hidden malware in shared files, and malicious links sent through chat and collaboration apps. The platform also enhances visibility into user activity across cloud environments, helping security teams detect and prevent account takeovers before they escalate. A built-in, 24x7 managed incident response service supports rapid threat analysis and containment to reduce operational load on SOC teams.

Smarter defense for critical data: FortiDLP strengthens this offering by adding advanced capabilities like secure data flow with data lineage and sequence detection, providing security and insider risk teams with detailed tracking of sensitive data from its source, capturing how that data is used and manipulated by users, and automatically correlating user activities to detect high-risk behavior that warrants further investigation. Whether monitoring for unauthorized sharing of confidential information through cloud drives or preventing the exposure of sensitive data to unsanctioned SaaS and GenAI platforms, FortiDLP delivers the context and control needed to protect sensitive data, including intellectual property. 

Unified Protection for a Hybrid World

With these latest enhancements, Fortinet redefines the way organizations protect users and data in the modern workspace. By combining the power of AI with integrated email, browser, collaboration, and data security, Fortinet delivers the visibility, control, and response speed security teams need, turning complexity into clarity and threats into just another task handled.

Additional Resources

• Learn more about the FortiMail Workspace Security platform. 

• Read more about the Fortinet Security Fabric.

• Visit fortinet.com/trust to learn about Fortinet innovation, collaboration partners, product security processes, and enterprise-grade products. 

• Read about how Fortinet customers are securing their organizations.

• Learn about Fortinet's commitment to product security and integrity, including its responsible product development and vulnerability disclosure approach and policies. 

• Follow Fortinet on X, LinkedIn, Facebook, and Instagram. Subscribe to Fortinet on our blog or YouTube.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, Magic Quadrant is a registered trademark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

1Gartner, Magic Quadrant for Email Security Platforms, By Max Taggett, Nikul Patel, Franz Hinner, Deepak Mishra, 16 December 2024