Some 35% of businesses in Thailand said their most significant cyberbreach has cost US$1 million or more in damage, according to Cisco's 2019 Asia-Pacific Chief Information Security Officer Benchmark study.
Cybersecurity technology is in high demand following the roll-out of the Cybersecurity Act and Personal Data Protection Act, as well as the national ID scheme. Investment in cybersecurity technology has reached $63 million (1.91 billion baht).
The emergence of Internet of Things, new WiFi 6 and 5G are expected to ramp up the possibility of cyber-attacks. Operational technology (OT) systems, connected medical equipment, airports and smart building systems are possible targets of attacks, said the study.
"The burgeoning online population and services such as mobile banking, e-commerce and digital government services have led to an increase in the number of cyber-attacks," said Vatsun Thirapatarapong, managing director for Thailand and Indochina at Cisco.
The study surveyed 2,000 respondents from 11 countries in Asia-Pacific, including 151 from Thailand.
It found 35% of companies in Thailand saw a financial impact of $1 million or more from their most significant breach, compared with 30% globally.
In Singapore, 40% of respondents reported financial losses of above $1 million as the country is more engaged with technology than Thailand.
The study found 29% of respondents in Thailand experienced a downtime of 24 hours or more, compared with just 4% globally and 23% in Asia-Pacific.
It showed 45% of respondents in Thailand reported receiving more than 50,000 threat alerts a day, while only 23% globally. Companies investigated 48% of the threats, up from 37% in 2018.
The top three barriers to the country's adoption of advanced security technology are lack of knowledge of process and technology, a shortage of trained personnel and compatibility issues with legacy systems.
Kerry Singleton, director of cybersecurity in Asean for Cisco, said in Asia-Pacific, 23% of respondents faced cybersecurity breaches costing over $2.5 million, compared with 15% globally.
Complexity because of the multi-vendor environment and the increased sophistication of businesses with OT networks and multi-cloud adoption continue to challenge security practitioners in Asia-Pacific.
"Business can simplify security in three key areas: workforce, workload and workplace. Doing so enables organisations to protect users and their devices against stolen credentials, phishing and other identity-based attacks, manage multi-cloud environments and contain lateral movement across the network," he said.