AS AI starts to shape what people buy, how platforms run, and how decisions are made, gaps in accuracy, consistency, and accountability become harder to control.
At the same time, cybersecurity is gaining heightened traction in the face of the growing use of AI in the Philippines and the wider push for digital transformation.
Speaking to The Manila Times, Jan Chavez Arceo, the National Security Fellow of the Philippine Council for Foreign Relations, articulated on timely matters pertaining to rising AI adoption in the country, the advantages and risks of technological innovation, and the responses to AI-driven challenges across industries, and even across the region.
The Manila Times (TMT): What are the latest cybersecurity risks, especially those with respect to the rise of AI-driven threats? What would be the top AI-related threats in the Philippines or even in Southeast Asia?
Jan Chavez Arceo (Jan): Intelligence gathered when it comes to cyber threats, especially with the Philippines reveal distributed denial of service attacks, phishing, smishing, and some very malicious software or malware are still at the top of the threat ladder. About 2 million cyberattacks are recorded daily and these are the monitored ones.
For this year, particularly, we have seen a surge of a number of attacks that leads to data infiltration. We have been monitoring a lot of attempts at data infiltration. It started last year when we were preparing for the Asean Summit chaired by the Philippines. I also have to mention that that the issues with regards to our territories is also a major factor in all the cyberattacks and cyber threats that we are experiencing as a country.
TMT: Is there any data from where the more frequent cybersecurity threats are coming from?
Jan: Based on some of the IP addresses that’s been discovered, the cyber threats are coming from various parts. The various attempts also come in different forms known to have very tenacious cyber threat elements. There have been some reports from international news sources that the cyber threats we have monitored locally display the behavior and signature like some APTs that has been deployed by some of the countries both in the region and in the Western Hemisphere.
TMT: This has always been a question that’s been bugging a number of cybersecurity observers. It seems that hackers know the loopholes beforehand, even before those who created Windows, for instance. That kind of question.
Jan: Yes, that’s the rea`son why there’s such a thing as zero trust principles that we are actually follow now. It’s entirely possible that there are certain vectors or backdoor that may not have been discovered during the production or during the development of the digital tools and solutions.
More often than not, it’s not even due human error. Now, more and more, social engineering is being recognized as one of the more important factors that should be looked into when it comes to cybersecurity issues or cyber threats.
We know that social engineering actually focuses or targets the vulnerability in terms of the psychographics, the emotional, mental state of the target. They do it sometimes for fun, sometimes for profit. Still, social engineering is the reason behind the unexpected increase in phishing, and smishing that lead to fraud and cyber scams.
So, the organizations are entering a phase in which advances in artificial intelligence are shaping how quickly cyber risks can materialize. Some research papers are pointing to the rise of threats from internal actors. Meaning employees themselves are taking advantage of AI to commit fraud.
The most significant change however is not the emergence of new attack techniques. They’re the same techniques as the most common cyberattack vectors like phishing, DDoS, etc. but with AI in play, the acceleration of well-understood activities such as environmental analysis, vulnerability discovery, and attack path evaluation has now evolved. These activities have become faster and more efficient. The time between identifying a weakness and attempting to exploit has shortened. And that is the bigger threat now.
TMT: How are government and the private sector responding to these threats? What are the latest innovations in our nation’s response in keeping up with AI threats that seem to grow even more vicious if not more subtle and stealthy every quarter or so?
Jan: As a rule, there is a need for all organizations to make sure that they have the right tools, the right governance policies, the right workforce, and we have the right organizational culture that recognizes this AI evolution in relation to cybersecurity. Or in this case, the shift places increased pressure on cyber defense teams now.
And at the same time, there’s a dearth of cyber security defense staff. And that’s the problem not only in the Philippines but across the globe.
So there are actually a lot of ongoing initiatives domestically, as well as elsewhere in the world, to ensure that we are able to train and develop people to be part of the cybersecurity workforce. We are pursuing various approaches to ensure that we have a robust workforce pipeline when it comes to cyber security, and that we have enough cyber security people. The demand is really massive.
Of course, leadership is key when it comes to this issue. Sharing information, lessons learned, and best practices among allied nations, governments, and organizations is very critical at this point.
The good news is: Number one, we have a president whose appreciation for a robust cybersecurity posture is very high.
Number two. Yes, there is already the Asean Cybersecurity Cooperation Strategy 2026 to 2030. It was one of the key outputs of the recently concluded Asean meeting.
TMT: Are we keeping tabs of OFWs we have rescued from scam hubs in foreign countries like Cambodia? And my fear, my worst fear is, baka naman sila’y Trojan horses still operating on behalf of their supposedly former exploiter-employers.
Jan: I hear and I feel your frustration about it. But let me put it this way, these people, ito mga kababayan natin, the government will always treat them as victims. They were trafficked due to economic reasons so, we always need to look at them from the perspective of victims rather than perpetrators or part of the criminal world.
Philippine Council for Foreign Relations, or PCFR, is a civil society think tank composed of retired diplomats, defense and security senior leaders, legal luminaries, among others. In existence for lover 40 years. PCFR focuses on matters of diplomacy, international relations, defense and security in general.
