The growing cybercrime economy: Why business defenses must evolve

By Subhalakshmi Ganapathy

CYBERCRIME now operates like a legitimate, profit-driven economy. Organized groups mirror corporate structures and have specialized roles such as research and development, marketing, and customer support. As a result, cyberattacks are more scalable, efficient, and accessible than ever, transforming the threat landscape for businesses.

An example of this transformation is the rise of subscription-style cybercrime offerings such as ransomware-as-a-service (RaaS). The ready-made attack tools sold on underground marketplaces offer structured pricing tiers, user dashboards, and technical support that have effectively lowered the traditional entry barriers confronting budding cybercriminals.

While individuals with limited technical expertise can purchase exploit kits, stolen data, or phishing services to immediately launch attacks, the developers of these tools relentlessly refine their products, similar to legitimate technology companies.

This growing industrialization is expected to drive global cybercrime losses to around $10.5 trillion annually. Meanwhile, Deloitte’s Center for Financial Services estimates that synthetic identity fraud alone could generate global losses of at least $23 billion by 2030.

Countries like the Philippines are already seeing the impact. In the third quarter of 2025, over 52 million personal credentials were exposed in data breaches, representing a 49% increase compared with earlier in the year. At the same time, about 52% of Filipinos report having been scammed at least once in their lifetime, compared to the ASEAN regional average of 45%.

The financial implications are not to be taken lightly. In 2024, cyberattacks cost financial institutions some P5.82 billion, a 2.6% year-on-year increase according to the Bangko Sentral ng Pilipinas (BSP).

MODERNIZATION RISKS
The growing precarity comes as digital transformation continues in the Philippines. Growing cloud adoption, rapid expansion of financial technology platforms, and more public services moving online come as the country jumps to 137 million active mobile cellular connections, or about 117% of the population.

While this connectivity fuels innovation and is an economic growth driver, it also expands the attack surface for cybercriminals; digitizing more operations inevitably increases the number of potential entry points into corporate networks.

The government, to its credit, has recognized the need for a nationwide approach by introducing the National Cybersecurity Plan 2023-2028, but that will require enterprises to take these risks seriously and not treat them as a mere box to check.

RESILIENCE REQUIRES MORE THAN JUST BUDGETS
While the national cybersecurity market is expected to reach $282.68 million this year and expand further to $417.12 million by 2031, cyber resilience requires more than just spending on advanced security tools.

This is due to the borderless nature of cybercrime today. Cyber attackers operate across jurisdictions by sharing intelligence, tools, and techniques in online communities that allow them to collaborate globally and innovate faster than many traditional corporate security teams.

The writing is on the wall: Reactive cybersecurity strategies are no longer sufficient. Organizations must move toward proactive and layered defenses designed to anticipate and mitigate threats before they escalate.

BUILDING PROACTIVE CYBERSECURITY
A key tenet of proactive cybersecurity is the adoption of Zero Trust. Under this cybersecurity model, network location and assumed trust are earned and not given automatically. Instead, every user, device, and request is authenticated and verified continuously before access is granted.

Automation is another critical capability. With the sheer volume and speed of cyberthreats today, manual monitoring alone is insufficient. Automated threat detection and response systems improve agility, curbing incidents before they spread across the network. This also allows IT teams to focus on higher-level analysis and strategic decision-making rather than routine monitoring.

SECURITY: THE NEW LEADERSHIP MANDATE
Identity and access management must be tightly integrated into the broader security framework. As distributed environments render perimeter-based defenses less effective, controlling who can access systems under what conditions becomes increasingly important.

Central to the fight today is visibility. Continuous monitoring across endpoints, networks, and identities enables organizations to detect subtle warning signs that an attack may already be underway. With better visibility, security teams can identify unusual behavior patterns early and respond before significant damage occurs.

Ultimately, the expanding cybercrime economy is transforming cybersecurity from a purely technical concern into a strategic leadership issue. Protecting digital assets is now directly tied to revenue protection, regulatory compliance, business continuity, and long-term customer trust.

As cybercriminals continue to evolve and operate with increasing sophistication, businesses must respond with equally advanced defenses. Proactive, automated, and identity-driven security strategies are essential for Philippine financial players seeking to compete and grow safely in today’s increasingly digital economy.

Subhalakshmi Ganapathy is the chief IT security evangelist at ManageEngine.