Thai firms urged to boost cybersecurity with AI-threat prevention

Investment in preventive measures against internal threats is crucial for Thai organisations to enhance cybersecurity measures and avoid financial losses and reputational damage, according to Bluebik Titans, a cybersecurity consultancy.

The rise of artificial intelligence (AI) is driving the trend of data detection and response (DDR) in data security, with DDR potentially becoming a more powerful tool than data loss prevention (DLP).

Director of Bluebik Titans, a branch of Bluebik Plc, Polnsutee Thanesniratsai stated that Thai businesses are increasingly facing internal cyber threats, often resulting from employee data leaks. These leaks include AI trade secrets that can harm a firm’s reputation and cause financial damage.

Verizon’s Data Breach Investigations Report 2024 reveals that internal actors are involved in 35% of cybersecurity incidents, a significant increase from 20% the previous year.

Over 23,000 internal documents, including sensitive data, were leaked by former Tesla employees, while a Google software engineer stole AI trade secrets and over 500 confidential documents.

In Thailand, an insider leaked data from an online grocery service, posting 1 million records of personal identity information for sale on the dark web.

Data theft

Polnsutee referenced the Cost of Insider Risks global report 2023 from US research firm the Ponemon Institute, noting a 32% increase in insider incidents from 2021 to 2022. Intellectual property or data theft accounted for 42% of insider threat events, and 55% of incidents were due to employee negligence.

The Cost of Insider Risk global report also predicts that the annual cost of insider-related incidents will rise to US$17.1 million (631.1 million baht) this year, up from US$16.2 million in 2023, based on a 5% increase over two years and steady growth from 2022.

The report indicated that 8.2% of organisations had an IT security budget of US$2,437 per employee, with only US$200 allocated for insider risk management, said Polnsutee.

“In my personal experience, average organisations in Thailand spend 20,000 to 30,000 baht on cybersecurity per employee and a very low level of insider prevention investment.”

There are three types of insider threat actions, The first is fraud through manipulative processes or systems for personal gain, such as financial theft. The second type is data theft involving the stealing of proprietary information like trade secrets or product design. Lastly is system sabotage, causing deliberate damage or disruptions to IT systems, resulting in operational downtime or data loss.

To mitigate these risks, Polnsutee recommends that organisations enhance their insider threat management capabilities, including using technical solutions that combine sensor input, AI analytics, and response workflows, as well as policies, guidelines, and investigations that extend beyond typical cybersecurity measures, reported Bangkok Post.

A new trend involves using AI-enabled technology for better insider risk management, which can monitor employee behaviour, data access patterns, and user activities to identify and mitigate risks. According to Polnsutee, this approach represents DDR.

“This can prevent data leaks from users who use public AI through web browsing.”