Thai cybersecurity ranking dips to 35th
Others made greater strides, ETDA says
Thailand’s ranking in cybersecurity readiness fell to 35th in 2017-18 from 20th in 2016 as other countries made better cybersecurity improvements.
“The slip in ranking is not due to poorer cybersecurity competency in Thailand, as its overall score improved, it’s just that other countries have done better,” said Surangkana Wayuparb, president and chief executive of the Electronic Transactions Development Agency (ETDA).
According to the 2018 Global Cybersecurity Index by the International Telecom Union, Thailand ranked 35 out of 194 countries because the country’s new Cybersecurity Act has yet to come into full force.
Speaking at the Thailand Cybersecurity 2019 event at Centara Grand at CentralPlaza Ladprao, Mrs Surangkana said emerging threats and attacks require special skills and expertise to counter.
The world faces a growing number of cyberthreats. According to European Parliament statistics, 92% of malware infections are from mail and web attacks, while 90% of malware is distributed through phishing emails, the main cause of 72% of data breaches.
In Thailand, there were 2,520 cyberthreat incidents in 2018. The main three types were intrusion attempts, fraud and intrusion.
Pichet Durongkaveroj, the digital economy and society minister, said the Cybersecurity Act effective as of May mandates the appointment of a National Cybersecurity Committee (NCSC) within 90 days, to be chaired by the prime minister.
A further 15 NCSC members will need cabinet approval by Aug 22.
There are 30 related new regulations that need drafting under the law, with 16 pertaining to internal administrative processes and the rest to external processes like handling the response to cyber incidents.
It is estimated that at least 60-70 critical systems need to comply with seven critical information infrastructure organisations.
There are processes that need further regulations under the law, as well as transfer of ThaiCert (Thailand Computer Emergency Response Team) to the ETDA to become the National Cybersecurity Agency.
Some 130 million baht has been allocated for training a workforce in cybersecurity for critical information infrastructure, including 800 workers, 150 middle managers to handle incident responses and 20 managers to cross-share incident responses and assess business impact.
The ETDA found that of the threats the government faced in 2018, 39% were intrusion attempts, followed by online fraud (37%), intrusion (8%) and malicious code/malware (7%).