Spending on cyberthreat measures set to soar
Cybersecurity spending in Thailand is expected to soar from this year, driven by the enforcement of the Cybersecurity Act and Personal Data Protection Act (PDPA), as well as the roll-out of the 5G network and Internet of Things (IoT) devices.
Both acts were published in the Royal Gazette last May, with a one-year grace period given for stakeholders to adjust.
"We project Thailand's businesses and government to double their spending on cybersecurity technology in 2020," said Evan Dumas, regional director for Southeast Asia of Check Point Software Technologies Ltd.
The increase in spending is driven by the incoming enforcement of the two acts in May this year, as violators could face jail terms.
Mr Dumas said Singapore and the Philippines have endorsed similar laws with a grace period of a few months given because compliance with the legislation is quite complex.
Thailand ranks eighth in Asean for cyber-attacks, Check Point said.
A 2019 study on data breach costs by IBM found it takes an average of 314 days from the onset of cyber-attacks to contain them, based on cases around the world. The damage to organisations tallies US$3.9 million on average.
More business collaboration, such as digital payment services, has also prompted businesses to step up their cybersecurity protection and spending.
"Thailand has made progress in investment in cloud security, mainly in the government and banking sectors," said Mr Dumas.
He said the upcoming 5G roll-out has sparked concerns about cybersecurity as more peer-to-peer connections would be involved, along with a rising number of IoT devices.
"If there is a security breach, hackers can turn these connected devices into digital armies to carry out attacks on organisations," said Mr Dumas.
The cyberthreat level is called Gen V (fifth generation), where large and fast-moving assaults can take place because of the availability of mobile devices, cloud and on-premise networks, which could potentially wreak havoc on a significant number of companies.
The next cybersecurity approach will be on nano-scale software agents, which could be placed on every type of device or cloud platform, connected in real time with an intelligent control system that can predict, detect and prevent attacks, he said.
The approach would secure everything from individuals to IoT devices and hyper-networks, said Mr Dumas.
"We even look for security measures on smartwatches," he said.
As for this year, humans still play a major part in cyber-attacks, with hackers resorting to phishing and social engineering.
"We found 90% of cyber-attacks begin with phishing," said Mr Dumas.
Several methods of cyberthreats are still keeping pace, such as distributed denial-of-service attacks, credential stuffing and virtual private network service interference.