Digital transformation in the Philippines has moved from being a goal to an essential part of how organisations operate, compete, and serve their communities. This shift is evident across sectors – from financial services and government to education, healthcare, and commerce – as digital platforms become integral to everyday life.
In recent years, the country has been recognised as a leading improver in the UN E-Government Development Index, reflecting steady advances in digital public service delivery. Yet, progress across all sectots has been uneven, influenced by a mix of geography, regulation, and existing infrastructure. Organisations continue to adapt, responding to fast-paced technological change, rising user expectations, and an increasingly interconnected global digital economy.
Through a series of roundtables with national leaders, Ecosystm examined the realities of digital transformation on the ground. What emerged were valuable insights into what’s working and where challenges and shifts are reshaping the definition of success in this evolving stage of digital maturity.
Theme 1: Strengthening the Foundations for Nationwide Digital Equity
The Philippines is advancing steadily in digitalisation, especially in Metro Manila and major urban centres, though the full benefits have yet to reach all regions evenly. Rural provinces and smaller islands face ongoing challenges with broadband access, latency, and mobile coverage, reflecting the country’s unique geography and historic underinvestment in digital infrastructure.
National programs like the National Broadband Plan and Free Wi-Fi for All have established important foundations. Fibre rollouts by private telecom providers are extending coverage, but last-mile connectivity in geographically isolated and disadvantaged areas (GIDAs) still needs attention. Bridging this gap is key not only for broader inclusion but also to enable widespread adoption of technologies such as cloud computing, AI, and edge solutions.
Achieving nationwide digital transformation requires a focused effort on regional infrastructure as a driver of inclusive growth. This involves co-investment, innovative public-private partnerships, and policies supporting shared towers, data centres, and satellite-backed connectivity. This benefits enterprises and critical citizen services like e-learning, e-health, and digital banking.
Theme 2: From Outsourcing Hub to Innovation Engine – The Next Chapter for Talent
The Philippines has established a strong global presence as a trusted centre for BPO and IT-enabled services, contributing nearly 9% to the national GDP and employing over 1.5 million professionals. In recent years, this foundation has rapidly evolved, with talent increasingly taking on complex roles in knowledge process outsourcing (KPO), AI annotation, fintech support, and cybersecurity operations.
This shift reflects a broader transformation – from a labour-cost-driven outsourcing model to a high-skill, innovation-focused services economy. However, this transition is placing growing demands on the talent pipeline. Skilled cloud engineers, AI developers, and cybersecurity experts remain in short supply, with demand surpassing the current capacity of training and reskilling programs.
To fully unlock its potential, the country needs to future-proof its talent ecosystem. This includes expanding technical education, strengthening collaboration between academia and industry, scaling national upskilling initiatives, and creating incentives that encourage tech professionals to build their careers locally. With targeted investment, the digital workforce can become a powerful competitive advantage on the global stage.
Theme 3: Government Digitalisation Is Accelerating – But Interoperability Remains a Challenge
The Philippines has made major progress in digitising government services – from online business registrations via Business Name Registration System (BNRS) to digital ID rollout through PhilSys (Philippine Identification System), and integrated platforms like eGov PH Super App. The pandemic accelerated adoption of e-payment systems, telemedicine, and virtual public services, driving faster digital transformation across agencies.
Despite this progress, interoperability challenges remain a key hurdle. Many government agencies still rely on siloed legacy systems that limit seamless data exchange. This fragmentation affects real-time decision-making, slows service delivery, and creates a fragmented experience for citizens and enterprises navigating multiple platforms.
Going forward, the priority is system-wide integration. Building a truly citizen-centric digital government requires interoperable data architectures, strong privacy-by-design frameworks for cross-agency collaboration, and scalable API-driven platforms that enable secure, real-time connections between national and local government systems. A connected digital state not only boosts efficiency but also strengthens public trust and paves the way for more adaptive, responsive services.
Theme 4: Cyber Resilience Is No Longer Optional – It’s Strategic
As digital transformation accelerates, the Philippines has become one of Southeast Asia’s most targeted countries for cyberattacks – particularly in sectors like financial services, critical infrastructure, and government. High-profile breaches at agencies such as PhilHealth, the Philippine Statistics Authority, and COMELEC have brought cybersecurity to the forefront of national priorities.
Regulatory steps such as the Cybercrime Prevention Act and the establishment of the Department of Information and Communications Technology (DICT) Cybersecurity Bureau have laid important groundwork. Yet, enterprise readiness remains uneven. Many organisations still rely on outdated defences, limited threat visibility, and ad hoc response plans that are outpaced by today’s threats. More importantly, many still look at cyber purely from a compliance angle.
As AI, IoT, and cloud-based platforms scale, so too does the attack surface. Cyber resilience now demands more than compliance – it requires dynamic risk management, skills development, intelligence sharing, and coordinated action across sectors. The shift from reactive to adaptive security is becoming a defining capability for both public and private institutions.
Theme 5: Financial Access at the Grassroots: The Digital Shift
One of the Philippines’ most notable digital transformation successes has been in fintech and digital financial services. Platforms like GCash, Maya, and the government’s Paleng-QR PH program have significantly expanded access to cashless payments, savings, and credit – especially among unbanked and underbanked communities.
By 2024, nearly 80% of Filipinos were using mobile financial apps – a striking milestone that reflects not only growing digital adoption but also evolving cultural and economic behaviours. From sari-sari stores to market vendors, digital wallets are reshaping everyday commerce and opening new avenues for financial empowerment at the grassroots level.
Still, digital inclusion is not automatic. Maintaining this momentum will require continued investment in digital literacy – particularly for older adults, rural communities, and lower-income groups – as well as stronger measures for cybersecurity, consumer protection, and interoperable ID and payment systems. Done right, digital finance can serve as the foundation for a more inclusive and resilient economy.
A Moment to Rethink What Progress Looks Like
As digital systems take root across the Philippines’ economy and institutions, the focus is shifting from speed to staying power. The next phase will depend on the country’s ability to translate broad adoption into long-term value – through strategies that are inclusive, resilient, and built to scale.
Indonesia’s vast, diverse population and scattered islands create a unique landscape for AI adoption. Across sectors – from healthcare to logistics and banking to public services – leaders view AI not just as a tool for efficiency but as a means to expand reach, build resilience, and elevate citizen experience. With AI expected to add up to 12% of Indonesia’s GDP by 2030, it’s poised to be a core engine of growth.
Yet, ambition isn’t enough. While AI interest is high, execution is patchy. Many organisations remain stuck in isolated pilots or siloed experiments. Those scaling quickly face familiar hurdles: fragmented infrastructure, talent gaps, integration issues, and a lack of unified strategy and governance.
Ecosystm gathered insights and identified key challenges from senior tech leaders during a series of roundtables we moderated in Jakarta. The conversations revealed a clear picture of where momentum is building – and where obstacles continue to slow progress. From these discussions, several key themes emerged that highlight both opportunities and ongoing barriers in the country’s digital journey.
Theme 1. Digital Natives are Accelerating Innovation; But Need Scalable Guardrails
Indonesia’s digital-first companies – especially in fintech, logistics tech, and media streaming – are rapidly building on AI and cloud-native foundations. Players like GoTo, Dana, Jenius, and Vidio are raising the bar not only in customer experience but also in scaling technology across a mobile-first nation. Their use of AI for customer support, real-time fraud detection, biometric eKYC, and smart content delivery highlights the agility of digital-native models. This innovation is particularly concentrated in Jakarta and Bandung, where vibrant startup ecosystems and rich talent pools drive fast iteration.
Yet this momentum brings new risks. Deepfake attacks during onboarding, unsecured APIs, and content piracy pose real threats. Without the layered controls and regulatory frameworks typical of banks or telecom providers, many startups are navigating high-stakes digital terrain without a safety net.
As these companies become pillars of Indonesia’s digital economy, a new kind of guardrail is essential; flexible enough to support rapid growth, yet robust enough to mitigate systemic risk.
A sector-wide governance playbook, grounded in local realities and aligned with global standards, could provide the balance needed to scale both quickly and securely.
Theme 2. Scaling AI in Indonesia: Why Infrastructure Investment Matters
Indonesia’s ambition for AI is high, and while digital infrastructure still faces challenges, significant opportunities lie ahead. Although telecom investment has slowed and state funding tightened, growing momentum from global cloud players is beginning to reshape the landscape. AWS’s commitment to building cloud zones and edge locations beyond Java is a major step forward.
For AI to scale effectively across Indonesia’s diverse archipelago, the next wave of progress will depend on stronger investment incentives for data centres, cloud interconnects, and edge computing.
A proactive government role – through updated telecom regulations, streamlined permitting, and public-private partnerships – can unlock this potential.
Infrastructure isn’t just the backbone of digital growth; it’s a powerful lever for inclusion, enabling remote health services, quality education, and SME empowerment across even the most distant regions.
Theme 3. Cyber Resilience Gains Momentum; But Needs to Be More Holistic
Indonesian organisations are facing an evolving wave of cyber threats – from sophisticated ransomware to DDoS attacks targeting critical services. This expanding threat landscape has elevated cyber resilience from a technical concern to a strategic imperative embraced by CISOs, boards, and risk committees alike. While many organisations invest heavily in security tools, the challenge remains in moving beyond fragmented solutions toward a truly resilient operating model that emphasises integration, simulation, and rapid response.
The shift from simply being “secure” to becoming genuinely “resilient” is gaining momentum. Resilience – captured by the Bahasa Indonesia term “ulet” – is now recognised as the ability not just to defend, but to endure disruption and bounce back stronger. Regulatory steps like OJK’s cyber stress testing and continuity planning requirements are encouraging organisations to go beyond mere compliance.
Organisations will now need to operationalise resilience by embedding it into culture through cross-functional drills, transparent crisis playbooks, and agile response practices – so when attacks strike, business impact is minimised and trust remains intact.
For many firms, especially in finance and logistics, this mindset and operational shift will be crucial to sustaining growth and confidence in a rapidly evolving digital landscape.
Theme 4. Organisations Need a Roadmap for Legacy System Transformation
Legacy systems continue to slow modernisation efforts in traditional sectors such as banking, insurance, and logistics by creating both technical and organisational hurdles that limit innovation and scalability. These outdated IT environments are deeply woven into daily operations, making integration complex, increasing downtime risks, and frustrating cross-functional teams striving to deliver digital value swiftly. The challenge goes beyond technology – there’s often a disconnect between new digital initiatives and existing workflows, which leads to bottlenecks and slows progress.
Recognising these challenges, many organisations are now investing in middleware solutions, automation, and phased modernisation plans that focus on upgrading key components gradually. This approach helps bridge the gap between legacy infrastructure and new digital capabilities, reducing the risk of enterprise-wide disruption while enabling continuous innovation.
The crucial next step is to develop and commit to a clear, incremental roadmap that balances risk with progress – ensuring legacy systems evolve in step with digital ambitions and unlock the full potential of transformation.
Theme 5. AI Journey Must Be Rooted in Local Talent and Use Cases
Ecosystm research reveals that only 13% of Indonesian organisations have experimented with AI, with most yet to integrate it into their core strategies.
While Indonesia’s AI maturity remains uneven, there is a broad recognition of AI’s potential as a powerful equaliser – enhancing public service delivery across 17,000 islands, democratising diagnostics in rural healthcare, and improving disaster prediction for flood-prone Jakarta.
The government’s 2045 vision emphasises inclusive growth and differentiated human capital, but achieving these goals requires more than just infrastructure investment. Building local talent pipelines is critical. Initiatives like IBM’s AI Academy in Batam, which has trained over 2,000 AI practitioners, are promising early steps. However, scaling this impact means embedding AI education into national curricula, funding interdisciplinary research, and supporting SMEs with practical adoption toolkits.
The opportunity is clear: GenAI can act as an multiplier, empowering even resource-constrained sectors to enhance reach, personalisation, and citizen engagement.
To truly unlock AI’s potential, Indonesia must move beyond imported templates and focus on developing grounded, context-aware AI solutions tailored to its unique landscape.
From Innovation to Impact
Indonesia’s tech journey is at a pivotal inflection point – where ambition must transform into alignment, and isolated pilots must scale into robust platforms. Success will depend not only on technology itself but on purpose-driven strategy, resilient infrastructure, cultural readiness, and shared accountability across industries. The future won’t be shaped by standalone innovations, but by coordinated efforts that convert experimentation into lasting, systemic impact.
2025 is already shaping up to be a battleground for cybersecurity. With global cybercrime costs projected to reach USD 10.5T, by year’s end, the stakes have never been higher. Cybercriminals are getting smarter, using AI-driven tactics and large-scale exploits to target critical sectors. From government breaches to hospital data leaks and a surge in phishing scams, recent attacks highlight the growing financial and operational toll of cyber threats.
As cyber threats intensify, the demand for stronger defences, top-tier cybersecurity talent, and global collaboration has never been more urgent.
Here’s a look at the recent cyber developments that are shaping 2025.
Click here to download “Cyber Lessons from the Frontlines” as a PDF.
Major Security Breaches: A Costly Wake-Up Call
Cyberattacks are becoming more targeted, disruptive, and costly – impacting governments and organisations worldwide.
In Singapore, mobile wallet fraud is surging, with phishing tactics causing USD 8.9K in losses – 80% linked to Apple Pay. In the UK, security flaws in government IT systems have exposed sensitive data and infrastructure. South Africa’s government-run weather service (SAWS) was also forced offline, disrupting a critical resource for airlines, farmers, and emergency responders. Across the Atlantic, a data breach at a Georgia hospital compromised 120,000 patient records, while BayMark Health Services, the largest addiction treatment provider in the US, alerted patients to a similar breach.
What steps are governments, tech providers, and enterprises taking to protect themselves, critical infrastructure, and individuals?
Protecting Critical Infrastructure: The Digital Backbone
As global connectivity expands, securing critical infrastructure is paramount to sustaining growth, stability, and public trust.
Undersea cables, which carry much of the world’s internet traffic, are a major focus. While tech giants like Amazon, Meta, and Google are expanding these networks to boost global data speed and reliability, the need for protection is just as urgent – prompting the EU to invest nearly a billion dollars in securing them against emerging threats.
Governments and tech providers alike are stepping up. The European Commission has introduced a cybersecurity blueprint to strengthen crisis coordination, rapid response, and information sharing. Meanwhile, Microsoft is investing USD 700M in Poland’s cloud and AI infrastructure, working with the Polish National Defense to enhance cybersecurity through AI-driven strategies.
Quantifying Cyber Risk: Standardised Threat Assessment
As cyber threats grow more sophisticated, so must our ability to detect, measure, and respond to them.
A major shift in cybersecurity is underway – one that prioritises standardised threat assessment and coordinated defense.
The UK is leading the charge with a new cyber monitoring centre that will introduce a “Richter Scale” for cyberattacks, ranking threats much like earthquake magnitudes. Emerging countries are also joining in; Vietnam is strengthening its cyber defences with a new intelligence-sharing platform designed to improve coordination between the government and private sector.
By quantifying cyber risks and enhancing intelligence-sharing, these efforts are shaping global cybersecurity norms, improving response times, and building a more resilient digital ecosystem.
Beyond Defence: Proactive Measures to Combat AI-Driven Cybercrime
Cyber threats evolve faster than defences can keep up – a single click on a malicious email can lead to a breach in just 72 minutes.
With AI making cyberattacks more sophisticated, governments are taking an active role in cyber law enforcement.
Indonesia set up a cyber patrol to monitor and regulate harmful online content while also working to create a safer digital space for children. Thailand, Cambodia, and Laos are cooperating to curb cross-border scams through intelligence sharing and joint enforcement efforts.
Building Trust Online: Digital Identity Solutions
Governments are moving beyond enforcement to strengthen security with digital identity frameworks.
The EU is leading this shift with large-scale pilots for digital identity wallets, designed to offer citizens a secure, seamless way to verify credentials for services, transactions, and age-restricted content. By 2026, each EU member state will issue its own wallet, built on unified technical standards to ensure cross-border interoperability and stronger cybersecurity.
Digital identity wallets mark a major shift in data security, giving citizens greater control over their information while strengthening online trust. By securing identity verification, governments are reducing fraud and identity theft, creating a safer digital landscape.
Closing the Gap: Global Cyber Education Push
Cybersecurity education is no longer just for IT teams – it’s essential at every level, from executives to employees, to build long-term resilience.
Again, governments and tech giants alike are stepping up to bridge the skills gap and enhance cyber awareness.
Singapore is leading by example with a cyber-resilience training program for board directors, ensuring corporate leaders understand cyber risk management. AWS is investing USD 6.35M to support cybersecurity education in the UK, and Microsoft is expanding its global training efforts. The company has partnered with Kazakhstan to strengthen public sector cybersecurity and has committed to training one million South Africans in AI and cybersecurity by 2026.
The Path Forward: A Collective Responsibility
The cybersecurity landscape underscores a crucial truth: resilience can’t be built in isolation. Governments, businesses, and individuals must move past reactive measures and adopt a collective, intelligence-driven approach. As threats grow more sophisticated, so must our commitment to collaboration, vigilance, and proactive defence.
In an increasingly interconnected world, securing the digital landscape is not just necessary – it’s a shared responsibility.
Ecosystm research shows that customer engagement is emerging as the main beneficiary of AI implementations in Malaysia with 44% of AI investments being led by CX/Marketing/Sales teams.
Explore the key trends that are transforming the Malaysian technology landscape and stay tuned for more data-backed insights on Southeast Asia’s tech markets.
The Big5 CIO Priorities India ’24 Study reveals the pulse of India’s top technology leaders, offering insights into the country’s technology roadmap.
The study reveals that while a substantial 86% of organisations plan to augment their investments in cybersecurity in 2024, a comparatively modest 30% will prioritise SecOps and security analytics.
