The Office of the National Cyber Security Agency (NCSA) has launched a new project to improve enterprises' capacity to prevent and cope with increasingly sophisticated cyberthreats in the artificial intelligence (AI) era.
The programme builds security awareness through an online training course and a tabletop exercise game of cyberwars for companies, including small and medium-sized enterprises (SMEs), to lift their security capacities.
The programme is free and offers available certificates.
Interested organisations can apply to join from this month until Jan 30, 2025. The programme ends in March 2025.
NCSA secretary-general AVM Amorn Chomchoey said the agency and the Thailand Computer Emergency Response Team, in collaboration with related agencies, have helped enhance the cybersecurity capability of state units and enterprises through a series of training programmes and checklist kits, aiming for compliance with the Cybersecurity Act and the Personal Data Protection Act.
AVM Amorn said SMEs are the most frequent targets of cyber-attacks.
The segment needs to understand this and install proper cybersecurity solutions to prevent attacks, protect customer data, reduce risks and costs, enhance resource management and comply with laws and standards, he said.
According to Accenture's "Overall Business Cyber Attack Statistics 2024", 43% of global cybercrimes involve SMEs, but only 14% of SMEs are ready to cope with such threats.
Small businesses spend between US$826 and $653,587 to manage a cybersecurity incident.
Roughly 95% of cybersecurity breaches were attributed to human error, according to the World Economic Forum.
According to the Cisco 2024 report "Cybersecurity for SMEs: Asia-Pacific Businesses Prepare for Digital Defense", 65% of Thai SMEs frequently face cyber-attacks.
Some 56% of Thai businesses have experienced operational disruptions because of cyber-attacks, while 47% of businesses that were attacked suffered damage worth at least 16 million baht.
Half of Thai SMEs reported being attacked by malware (91%), followed by phishing attacks (77%).
The main reason for these attacks is their cybersecurity solutions are not effective enough to detect or prevent cyberthreats, according to NCSA.
Roughly 25% of SMEs reported they did not have a solution installed and did not prioritise security.
CHECKLIST
NCSA urges enterprises, especially SMEs, to check 11 items for early protection from increasingly complicated threats in the AI era.
The checklist includes ensuring risk assessment, educating employees, having networks well protected, backing up data, updating all systems, ensuring strong passwords and using two-factor authentication.
In addition, SMEs should use a virtual private network and secure WiFi, monitor vendors, use a managed service provider and avoid pirated software.
"If they follow the checklist, NCSA believes SMEs can prevent at least 80% of cyberthreats," said AVM Amorn.
