Philippine banks and financial institutions are pouring millions into fraud detection systems, cloud security tools, and real-time monitoring platforms as cyber threats grow more sophisticated.
But behind the sector’s expanding cybersecurity budgets lies a less visible vulnerability: a severe shortage of local cyber talent capable of operating, managing, and strengthening those defenses.
The gap has become a growing concern as financial institutions race to comply with tighter regulatory requirements under Republic Act 12010, or the Anti-Financial Account Scamming Act (AFASA), while facing an increasingly hostile threat environment marked by phishing campaigns, account takeovers, and digital fraud.
Industry experts warn that while financial institutions are investing heavily in technology, many remain critically understaffed in the very teams needed to defend against attacks.
In effect, the country’s financial sector is buying more cybersecurity tools — but often lacks enough qualified people to wield them.
Rising attacks, limited defenders
The urgency is becoming harder to ignore.
Kaspersky recorded 38,370 phishing attempts linked to financial scams in the Philippines in 2024, underscoring the growing threats facing local banks, e-wallets, and digital payment platforms.
The broader picture is equally concerning. Cyber incidents targeting the Philippines surged 325% in the first quarter of 2024, according to the Cybersecurity in ASEAN: Navigating the Evolving Threat Landscape report, while 94% of organizations in the country reported experiencing at least one security breach last year.
The country has long ranked among the region’s most heavily targeted digital environments. A 2018 report cited by the Philippine News Agency identified the Philippines as Southeast Asia’s most attacked country in cyberspace and the 10th most targeted globally. At the time, the country ranked 37th out of 193 nations in the Global Cybersecurity Index.
By 2025, those rankings had shifted to 20th globally in cyberattack exposure and 53rd in cybersecurity preparedness — a sign that while relative attack volumes may have changed, significant gaps in resilience remain.
For the financial sector, where trust is currency, the stakes are especially high. A successful cyberattack can trigger not only financial losses, but also reputational damage, regulatory penalties, and erosion of consumer confidence in digital financial services.
Yet the country’s ability to respond remains constrained by a limited cybersecurity workforce.
The Department of Information and Communications Technology (DICT) has estimated that the Philippines has only around 200 certified cybersecurity experts, many of whom are working overseas.
As of 2021, just 202 professionals in the country held Certified Information Systems Security Professional (CISSP) credentials, one of the industry’s most recognized certifications.
For a financial sector rapidly digitizing through open finance, instant payments, embedded banking, and AI-powered services, that number is alarmingly low.
The outsourcing paradox
To bridge the gap, many Philippine financial institutions have turned to managed security service providers, regional cybersecurity firms, and offshore security operations centers.
On paper, outsourcing offers immediate access to specialized expertise. In practice, however, it can introduce new risks.
Cybersecurity analysts note that outsourced teams may lack the institutional context needed to detect anomalies specific to local transaction behaviors, regulatory frameworks, and customer fraud patterns.
Response times can also suffer when threat management is handled across multiple geographies and time zones.
For banks operating in an environment where fraudulent transactions can occur in seconds, delays in incident response can prove costly.
This dependence on external expertise has created what some industry observers describe as a structural weakness: Philippine financial institutions are strengthening their defenses, but often without building the in-house capability required for long-term resilience.
Why the talent pipeline remains weak
The shortage persists despite rising interest in technology careers and increasing demand for cybersecurity professionals.
Industry leaders point to deeper structural issues that continue to hinder talent development.
One of the most persistent problems is how cybersecurity is positioned within organizations. In many institutions, cybersecurity is still treated as a technical support function rather than a strategic business priority.
This often results in constrained budgets, limited influence at the executive level, and unclear career progression for practitioners.
A compliance-first mindset compounds the problem.
Rather than building mature security programs, some organizations focus on meeting minimum regulatory requirements — enough to pass audits, but not enough to foster innovation or long-term capability development.
Recruitment practices have also drawn criticism.
Security professionals say poorly written job descriptions, generic hiring templates, and interview processes disconnected from real-world cyber problem-solving often deter qualified candidates.
The result is a hiring environment where roles are frequently misaligned with actual organizational needs.
Regulatory pressure is mounting
The Bangko Sentral ng Pilipinas has tightened expectations around cybersecurity governance as digital financial activity expands.
The Anti-Financial Account Scamming Act requires banks and electronic money issuers to implement stronger fraud monitoring, faster detection systems, and more proactive consumer protection measures.
At the same time, regulators are placing greater emphasis on operational resilience, incident reporting, and continuous risk assessment.
Meeting those expectations requires more than software upgrades.
It requires skilled personnel capable of threat hunting, vulnerability assessment, incident response, and security architecture design.
Without sufficient local talent, compliance risks becoming an exercise in box-ticking rather than genuine cyber resilience.
Building the workforce banks urgently need
Efforts are underway to address the shortage.
The DICT’s National Cybersecurity Plan 2023–2028 outlines a long-term strategy to strengthen the country’s cyber workforce through scholarships, awareness programs, public-private partnerships, and expanded technical training.
Private sector initiatives are also stepping in.
Amazon Web Services (AWS), for example, is scaling its digital skills programs in the Philippines to equip Filipinos with cloud, artificial intelligence, and cybersecurity-adjacent capabilities.
AWS Philippines Country Manager Precious Lim recently said the country is at a “critical inflection point” in digital transformation, driven by the rapid adoption of AI and cloud technologies. But she acknowledged that workforce readiness remains a major challenge.
The cloud giant has expanded access to training platforms such as AWS Skill Builder and deepened partnerships with institutions including TESDA and DepEd to widen technical education pathways.
These efforts are complemented by community-led learning ecosystems.
The AWS cloud community in the Philippines has grown into a network of more than 30,000 members, offering workshops, mentorship, hackathons, and practical training opportunities that many participants say have become gateways into highly specialized technology careers.
For financial institutions increasingly dependent on cloud-native infrastructure, these programs could become an important feeder system for future cyber talent.
A race against digital risk
The Philippines’ financial sector is moving deeper into digital finance, from app-based banking to AI-driven fraud analytics.
But as attack surfaces expand, so too does the need for people who can defend them.
The challenge now facing banks is not whether to invest in cybersecurity. It is whether they can build — or attract — the human expertise required to make those investments effective.
Until then, the country’s financial institutions may continue strengthening their digital walls while leaving too few defenders behind them.
