Thailand is the fourth most cyber-savvy nation among six Asia-Pacific countries surveyed by global IT security company ESET.
Malaysia is the most cyber-savvy in Asia, ahead of Singapore, India, Thailand, Hong Kong and Indonesia, says ESET in its Asia Cyber Savviness Report 2015.
Polling 1,800 respondents from the six countries, the survey aimed to gain insights into the attitudes, knowledge and user behaviour across Asia when it comes to cybersecurity.
On the other hand, countries like Malaysia, Singapore and Thailand, which ranked among the top in ESET's awareness survey, ranked near the bottom when it came to protecting themselves.
Nearly 85% of Thai respondents had received some form of cybersecurity education, the highest in any market.
"But they were only able to answer 72% of cybersecurity questions correctly, which shows that they still lack the actual knowledge to protect themselves," said Parvinder Walia, sales director for Asia-Pacific of ESET, a Slovakia-based anti–virus software firm.
Thailand's overall cyber-savviness score was affected by two other factors — exposure to cybersecurity risk factors and proactive steps.
Some 38% of Thai respondents took unnecessary risks while online, including clicking on banner ads or connecting to unsecured public Wi-Fi networks.
Users in Thailand were likely to use weak passwords and rarely back up their data, thereby exposing themselves to cyberthreats, said Mr Walia.
Mr Walia said cyberattacks are becoming more sophisticated, with an increase in targeted attacks or advanced persistent threats to steal valuable data.
As more devices connect to the internet and more people share their personal data online via social media like Facebook, Twitter and LinkedIn, more valuable data is exposed.
Moreover, the emergence of the Internet of Things, the rise of cloud computing and the proliferation of mobile devices increase the chances of cyberattacks, he said.
"Nobody can avoid cyberthreats completely, but cybersecurity education and having security products in place can mitigate the risks substantially," said Mr Walia.
He said the government should establish a central authority to coordinate all cybersecurity matters, identify and develop cybersecurity policies for the country as well as manage the diverse use of technology across all government bodies.
It is also important to build active security monitoring capabilities and streamline alert and events monitoring, and respond to incidents within the government by establishing a computer emergency response team as well as training competent cybersecurity personnel.
Mr Walia said Thailand had always been a very attractive market for ESET, especially among the SME, manufacturing, health care, hospitality and education sectors.