The Electronic Transactions Development Agency (ETDA) is preparing to move ThaiCert under the jurisdiction of the National Cybersecurity Agency (NCSA), with a budget of up to 1 billion baht to enforce the Cybersecurity Act that took effect May 27.
In 2018, there were 2,520 cyberthreat incidents in Thailand, and these attacks are expected to continue because state agencies have done little to respond over the past few years.
Surangkana Wayuparb, executive director of the ETDA, said that within 12 months ThaiCert (Thailand Computer Emergency Response Team), currently under the ETDA, will move to the NCSA. The ETDA expects to have 100 cybersecurity workers and a budget of 500 million-1 billion baht to protect and monitor critical cyber-infrastructure.
ThaiCert, which is a business unit of the ETDA, employs 50 experts and monitors 250 state agencies.
The ETDA will play a supporting role by issuing digital identity provider licences and digital signature licences to mitigate the number of fake accounts and increase confidence in electronic transactions over e-commerce platforms, as well as define minimum security standards for data exchanges.
There is a 134-million-baht budget for training a security workforce that the Digital Economy and Society Ministry will oversee.
The enforcement of the Cybersecurity Act and Personal Data Protection Act will raise awareness among public and private agencies.
"To implement the new bill successfully, we need collaboration between all the new regulators," Mrs Surangkana said.
Many actions will be delayed because approval needs to come from a new government and prime minister to select a National Cybersecurity Committee under the law and a National Data Protection Committee under the Personal Data Protection Act.
There are 24,000 devices per day infected with malicious apps, while Internet of Things (IoT) attacks have increased 600%, ransomware surged 350% and Office 365 attacks increased 38% in one year.
China, the US and Russia were the three most attacked countries globally in the first quarter of 2019. Cyber-attacks are expected to cost US$6 trillion per year until 2021, of which 71% of incidents will be caused by simple email phishing scams.
Mrs Surangkana said the new law should allow state and public service providers to ensure personal data protection. The role of artificial intelligence in protecting data will increase in cybersecurity attack tools, and the IoT will be a prime target for attacks.
Hackers will continue to attack through software vendor vulnerabilities, and fake identity scams are likely to increase.
The ETDA conducted a survey of the Cybersecurity Health Check at state agencies to compare 2018 with 2016 and found that state agencies still had a meagre capability to respond to cyberthreats.
To boost cybersecurity awareness, the agency is organising the Thailand Cybersecurity 2019 event, taking place June 19-20 at CentralPlaza Ladprao and featuring global security experts and regulators.
