The Philippines may have climbed the ranks in the Global Cybersecurity Index (GCI), but ask any Filipino who has received a shady text message or clicked on a suspicious link, and they’ll tell you a different story. From bogus delivery messages to fake crypto pitches, digital threats have become part of a Pinoy’s daily life.

So what does this improved global ranking really mean for ordinary citizens? And more importantly, are we safer today than we were a few years ago?

We sat down with Ian Felipe, Country Manager of Trend Micro Philippines, to get his expert take on where the country truly stands in its fight against cybercrime – and how individuals, businesses, and even the government can stay one step ahead.

The Philippines has made an impressive leap in the GCI ranking, a benchmark used to assess how well countries are protecting themselves in the digital world. At first glance, this is great news. But according to Felipe, we shouldn’t get too comfortable.

“The upward movement is a positive indicator,” Felipe said. “But in today’s dynamic threat landscape, progress must be continually reinforced with proactive, data-driven strategies.”

Translation? The rankings show improvement, but the threats are evolving faster than our defenses. Felipe emphasized the importance of identifying exposure and prioritizing risk areas – something that Trend Micro’s Cyber Risk Exposure Management (CREM) solution excels at. With this proactive approach, organizations could understand where they’re vulnerable before criminals find those weaknesses.

Despite the higher ranking, cyber incidents are still rampant in the country. From fake job offers to malicious links that hijack your bank credentials, Filipinos remain a prime target. Why?

Cyberattacks don’t just target weak systems; they zero in on exploitable human behavior. Part of the problem, Felipe says, is our digital culture. Filipinos are prolific social media users, and scammers are quick to capitalize on this. This means that phishing and social engineering scams are more successful here than in countries with higher digital literacy. “Filipinos will always be an easy target for threat actors that rely on human-centric attack vectors,” he noted.

If a cyberattack takes down a major government agency or utility provider, would the Philippines be able to respond effectively?

While we’re more prepared than before (thanks to the National Cybersecurity Plan and increased investment in digital security), Felipe emphasizes that there’s still a long way to go before we can rest easy. Many organizations still lack the tools and trained personnel to respond quickly and effectively. This, he offered, is where companies like Trend Micro come in, offering advanced threat detection tools, expert response teams, and training programs to strengthen local institutions. Think of it as fire drills for the internet – except the fires are invisible and the attackers never sleep.

One of the more encouraging developments is Trend Micro’s growing partnership with the Department of Information and Communications Technology (DICT).

From holding cybersecurity seminars in regional offices to training the country’s 32 Security Operations Centers (SOCs) under the National SOC, Trend Micro is helping build a digitally secure culture in government.

“We regularly share threat intelligence and help conduct training sessions with public sector teams,” Felipe said. “Whether it’s crafting safer policies or rolling out grassroots education, we’re committed to being a strong partner.”

On the policy front, the Philippines already has laws in place to fight cybercrime. But Felipe warns that laws alone won’t cut it.

“As cyber threats grow more sophisticated, a reactive approach is no longer enough,” he said.

He recommends a shift toward prevention, not just punishment. Building teams, updating systems, and preparing for attacks before they happen could help.

Critical sectors like Finance, Healthcare, and Defense face unique threats. These are attractive targets for criminals because the payoff is higher – whether it’s personal data, government secrets, or large amounts of money.

Unfortunately, many of these sectors still operate with limited protections. Trend Micro’s solution is a thorough cybersecurity platform that provides “comprehensive and multilayered defense for protection, as well as proactive security.”

Artificial Intelligence (AI) has become a double-edged sword in cybersecurity. While it could help companies detect threats faster and smarter, it is also being utilized to launch smarter attacks.

Trend Micro is at the forefront of this epochal change. Felipe shared that their systems use AI to protect not just traditional computers, but also businesses that are adopting AI in their own operations. It’s a digital arms race, and the good guys need to stay ahead.

With more Filipinos (and significant capital) diving into cryptocurrency, the risks have exploded. Felipe shared that “the most pressing threats include malware attacks (especially InfoStealers that target digital wallets and credentials), phishing scams that impersonate legitimate crypto platforms, investment frauds like Ponzi schemes and rug pulls, and social engineering tactics that exploit user trust. Additionally, vulnerabilities in cloud storage, exposed web applications, and DDoS attacks are becoming more common, putting both individuals and organizations at risk.”

To address this, Trend Micro uses AI-driven threat detection solutions and user education programs to keep both investors and platforms secure.

Ever clicked on a suspicious link or replied to a text from a “delivery” service? You’ve probably been targeted by a social engineering scam – where attackers use psychology, not code, to break in. And with the vast majority of Filipinos having access to cellphones but limited digital literacy, these scams aren’t just annoying; they can be devastating.

Trend Micro offers tools like PhishInsight, which runs fake phishing campaigns inside organizations to train employees how to spot real ones. They also recommend enabling multi-factor authentication, adopting a ‘zero trust’ mindset (not clicking anything unless you’re 100% sure it’s legit), and regular education, because attackers keep changing tactics.

“Even the best tools won’t help if people are unaware or too trusting,” Felipe warned.

Looking ahead, Felipe says we should brace for more AI-driven attacks, especially those that mimic human behavior or create fake audio/video clips to trick people. Other upcoming threats include attacks on cloud services (where much of our data now resides), breaches in supply chains (like third-party vendors), and the continued rise of personal data theft.

The country is facing a shortage of cybersecurity professionals. And this, according to Felipe, has real-world consequences. “94% of organizations in the Philippines experienced a breach in the past year, with many attributing these incidents to the lack of available cyber talent.”

To counter this, Trend Micro is investing in training programs, certifications, and even community outreach to get young people interested in cybersecurity early on.

Felipe’s vision of a secure Philippines isn’t just about firewalls and passwords. It’s about shared responsibility among individuals, businesses, and government.

He envisions a proactive country that uses “specialized AI for prediction, detection, and prevention, enabling organizations to respond faster and more effectively to potential attacks. Central to this strategy is robust threat intelligence, a unified platform that adapts to dynamic environments, and a trusted partner who can guide and support every step of the journey toward stronger security.”

A cyber-resilient Philippines would be a place where every citizen – from the teenager on TikTok to the CEO of a telco – understands their role in keeping the digital space safe.