21-9-2023 (BANGKOK) Thai businesses have emerged as the least affected by disruptive cyberattacks in the ASEAN region over the past year, with only 22% of organizations reporting a surge in incidents of 50% or more, according to a report by global cybersecurity firm Palo Alto Networks.
Cybersecurity remains a top concern for Thai enterprises as they grapple with increasingly sophisticated threats, as revealed in a survey assessing the state of cybersecurity across ASEAN.
Malware stands out as a primary worry for 57% of organizations in Thailand, mirroring the sentiment in Southeast Asia, where 60% share similar concerns, according to the survey.
The online survey, conducted in April, garnered responses from 500 corporate IT decision-makers and business leaders across five key industries: services (banking and finance), government and public sector, telecommunications and technology, retail, hospitality, food and beverage, transportation and logistics, and manufacturing.
Each of the five ASEAN countries—Singapore, Malaysia, Indonesia, the Philippines, and Thailand—contributed 100 respondents.
Tatchapol Poshyanond, Country Director for Thailand and Indochina at Palo Alto Networks, identified three principal cybersecurity challenges faced by Thai organizations. These include unmonitored and unsecured Internet of Things (IoT) devices (54% of respondents), the need for a broader range of cybersecurity solutions (47%), and an increase in digital transactions involving third parties (47%).
The most alarming threats to Thai organizations are malware (57%), account takeover (57%), and password attacks (53%).
The survey found that only 37% of Thai organizations perceive a high or very high risk of cyberthreats, the lowest among ASEAN countries. Among those organizations confident in tracking cybersecurity breaches, 22% reported an increase in disruptive attacks exceeding 50%.
However, Tatchapol cautioned against complacency, emphasizing that the lower number of disruptive cyberattacks in Thailand, compared to other Southeast Asian nations, was based on respondents’ perceptions. It does not imply that organizations should become complacent about cybersecurity.
“Cybersecurity still needs to be at the top of the minds of management, as threat actors continue to evolve in their tactics and sophistication,” he stressed.
The survey also highlighted that 38% of local organizations discuss cybersecurity at the board level on a monthly basis. Furthermore, 49% of respondents in Thailand increased their cybersecurity budgets due to factors such as optimizing operations (54%), new or changing regulations related to data privacy laws (44%), increasing digitization (37%), and the evolving threat landscape (37%).
Tatchapol outlined the top three cybersecurity strategies in Thailand, which include securing IoT and operational technology (43%), enhancing threat detection and correlation systems/platforms (40%), implementing identity and access management (38%), and adopting security orchestration, automation, and response (SOAR) strategies for the security operations center (38%).
“Attack surfaces continue to expand with digital transformation. This is particularly apparent in industries such as banking and finance, where digital transformation is the norm, and competition is fierce,” Tatchapol noted.
He underscored the imperative for Thai organizations, including those in the banking and financial sector, to establish robust IT infrastructure to fortify their readiness in addressing diverse security vulnerabilities.
