ARTIFICIAL intelligence (AI) has become an accelerant in cybersecurity, empowering defenders while also supercharging adversaries. Threat actors are already weaponizing agentic AI to orchestrate adaptive, autonomous attacks that move at machine speed. Phishing campaigns evolve in real time, malware rewrites itself midstrike, and deepfakes impersonate executives with increasing precision.
DEEP VISIBILITY Current AI technology helps organizations stay secure and resilient in an increasingly digital world. CHATGPT-GENERATED GRAPHICS
For security leaders such as chief information security officers, this should mark a turning point, especially in the Philippines, where human speed and static defenses are no longer enough. Teams already strained by skills shortages and alert fatigue face an expanding gap between how fast attackers innovate and how quickly they can respond. With more than 84 percent of Philippine organizations experiencing supply chain breaches in 2024, and the financial sector alone absorbing P5.82 billion in cyber losses, the urgency has never been greater.
Closing this gap requires a new form of intelligence that can observe, reason and act.
Turning AI from threat to force multiplier
Get the latest news
delivered to your inbox
Sign up for The Manila Times newsletters
By signing up with an email address, I acknowledge that I have read and agree to the Terms of Service and Privacy Policy.
The same technology fueling attackers can, and must, empower defenders. Unlike traditional AI that analyzes data, agentic AI learns, reasons and adapts from outcomes. In practice, this means AI systems can not only flag alerts but also orchestrate responses, suggest next steps and execute them safely under human oversight.
With complete visibility into network activity alongside AI-driven reasoning, organizations gain a force multiplier that enables strained teams to work smarter, respond faster and act with greater confidence.
New threats, old tools
This era of AI-driven threats is unlike anything security leaders have seen before. The Philippines has witnessed this evolution firsthand. In the first half of 2025 alone, nearly 3.7 million Filipino user credentials were compromised, while the country experienced nine ransomware attacks, already matching the entire 2024 total, alongside 88 major breach incidents. Deepfake misuse is also rising, from fabricated political endorsements during the 2025 Philippine midterm elections to AI-generated videos impersonating public figures.
The Gigamon 2025 Hybrid Cloud Security Survey underscores this shift: Sixty-one percent of CISOs report more sophisticated phishing campaigns; 58 percent are seeing a surge in AI-powered ransomware; and 47 percent have witnessed attacks targeting large language models.
Traditional log-based tools were designed for a slower, more predictable threat landscape and cannot match the speed, scale and sophistication of AI-driven attacks. At the same time, only 45 percent of Philippine firms allocate more than 10 percent of IT budgets to cybersecurity, even as the government rolls out a plan to train 5,000 cybersecurity professionals over the next three years. This gap between resources and threats leaves security teams stretched thin, struggling to secure increasingly complex hybrid cloud environments while managing escalating risk.
CISOs are under growing pressure, with nearly half citing they are the primary person held accountable when a security breach occurs. In this environment, relying solely on human speed and traditional tools is no longer sufficient. The solution is to leverage AI to fight AI, using agentic systems that can adapt in real time to stay ahead of adversaries.
The source of truth in a noisy world
In today’s hybrid, multi-cloud environment, the network provides the clearest picture of what is really happening. By collecting and analyzing traffic and activity across on-premises servers and cloud systems, and combining it with information from existing security tools, organizations gain a complete view of their systems. This deep observability helps teams see issues early, track performance and spot potential security risks before they escalate.
With this real-time visibility as a foundation, intelligent AI can go a step further. It analyzes patterns, flags unusual activity and suggests responses, helping teams detect threats faster, resolve issues more effectively and manage compliance risks proactively. This approach allows security teams to focus on higher-priority tasks rather than being bogged down by routine alerts.
For Philippine organizations navigating complex digital transformation, this is critical. According to research earlier this year, 32 percent of Philippine organizations reported having no way to detect cybersecurity incidents within their supply chains, exceeding the global average of 30 percent. This visibility gap is particularly concerning, as the Philippines ranked as the second most affected country in Southeast Asia for data breaches since 2004.
From detection to foresight
Cybersecurity is no longer just a technical concern; it is a business imperative. In 2025, 83 percent of CISOs reported discussing deep observability with directors, up from 76 percent last year.
In the Philippines, this shift aligns with national priorities. The country improved its United Nations Global Cybersecurity Index ranking from 61st to 53rd place, reflecting the government’s commitment through the National Cybersecurity Plan 2023-2028, which aims to strengthen incident response, protect critical infrastructure and foster public-private collaboration.
The urgency is heightened by the evolving threat landscape, exemplified by a cyberattack earlier this year on the Philippine Army that exposed roughly 10,000 pieces of critical information, alongside ongoing South China Sea tensions that continue to drive cyber operations from nation-state actors targeting military and telecommunications sectors in the Philippines. For businesses navigating this environment, national efforts alone are not enough. Organizations must equip themselves with tools that provide both visibility and adaptive intelligence.
By combining deep observability with agentic AI, security teams gain the ability to move from reacting to incidents toward anticipating them. This gives organizations the foresight to act before threats materialize, turning cyber resilience into a competitive advantage. For Philippine companies navigating rapid digital transformation amid an evolving threat landscape, this combination represents the difference between vulnerability and confidence in an AI-driven future.
Sarah Banks is the vice president of product management at Gigamon, a cybersecurity and network observability company best known for network traffic visibility and deep observability solutions used by large enterprises, service providers and government organizations.