The digitalization of aviation has heightened exposure to cyber risk, yet Philippine aviation governance and practice remain fragmented. This study evaluates sectoral vulnerabilities and feasible mitigations using a multi-method design: (i) document analysis of CAAP circulars, DICT’s National Cybersecurity Plan 2022, and international guidance (ICAO, IATA, NIST, ISO/IEC 27001); (ii) case studies (Cathay Pacific breach; London Heathrow USB mishandling) chosen for analytic transferability to Philippine operations; and (iii) risk modeling via a likelihood–impact matrix with a transparent 1–5 rubric adapted from ICAO SMM, NIST SP 800-30, and DICT, scored independently by two researchers with consensus reconciliation. I integrate results through a SWOT–TOWS synthesis and propose an AI/ML feasibility roadmap tailored to on-prem/air-gapped constraints. Findings reveal high-priority risks, including unauthorized ATC access, reservation-system data breaches, and airport-network ransomware (ris score = 20), driven by monitoring gaps, legacy systems, and uneven policy enforcement. Moderately ranked threats (weak framework implementation; phishing) and under-analyzed insider risk reflect systemic and human-factor weaknesses, compounded by underreporting and limited inter-agency coordination. The study’s novel contribution is a localization map that operationalizes global frameworks for Philippine conditions: phased NIST CSF adoption, tiered ISO/IEC 27001 pathways, and ICAO-aligned CAAP–DICT coordination with centralized incident reporting; plus a staged, low-cost AI/ML roadmap with KPI tracking (MTTD/MTTR, precision/recall). Limitations include the absence of primary stakeholder data and local incident/cost series; we outline a quantitative extension using operator surveys and Expected Annual Loss modeling to strengthen future empirical grounding. The results inform regulators, airlines, and airports on risk-based prioritization and practical governance upgrades to enhance national aviation cyber resilience.