Thailand’s cybersecurity spend critical as cybercrime costs surge
Thailand’s current expenditure on cybersecurity stands starkly low at just 0.2% of corporate revenue, despite the looming surge in cybercrime-related costs projected to reach US$10.5 trillion globally by 2025, according to cybersecurity firm Fortinet.
Krungthai Compass, the research division of Krungthai Bank, anticipates that Thailand’s cybersecurity investment will climb to 18 billion baht (US$490 million) by 2025. This growth, averaging 13% annually from 2022, is expected to be driven largely by the government, financial, healthcare, and manufacturing sectors.
Pakthapa Chatkomes, country manager of Fortinet Thailand, highlighted that cyber-attacks and AI-generated misinformation are seen as significant global risks by corporate leaders, referencing a survey by the World Economic Forum.
Chatkomes cited Cybersecurity Ventures’ estimates, noting that the global economic and societal impact of cybercrime is predicted to spike from US$3 trillion in 2015 to US$10.5 trillion by 2025.
Thailand faces a critical shortage of cybersecurity professionals, with only two full-time IT security employees per 1,000 employees. Additionally, the country’s IT security spending is a mere 0.2% of corporate revenue, translating to 2 baht (US$0.05) per 1,000 baht (US$27) of revenue, Chatkomes said.
“Cybercriminals are increasingly leveraging AI to enhance their malicious activities.”
Chatkomes further explained that AI audio spoofing techniques, such as deepfake voice attacks mimicking familiar individuals, are expected to become a significant part of the AI attack chain by 2024.
Rattipong Putthacharoen, senior manager of Systems Engineering at Fortinet Thailand, reported findings from a Fortinet-IDC survey, which identified phishing, identity theft, ransomware, patching vulnerabilities, and Internet of Things (IoT) attacks as the top five cyber threats in Thailand.
“Our survey indicated that 72% of organisations in Thailand experienced a doubling of breaches in 2023.”
The most targeted sectors included technology, healthcare, telecommunications, government, and manufacturing.
Rattipong also noted that ransomware had significantly impacted businesses, with 56% of organisations reporting a doubling of such incidents.
Globally, hackers have increasingly targeted operating technology in sectors such as energy, automation, and transport. According to FortiGuard Labs’ Global Threat Landscape report for the second half of 2023, there were 222,000 common vulnerabilities and exposures, with 30,000 new vulnerabilities, representing a 17% increase from the previous half-year, reported Bangkok Post.
“Cybercriminals are now exploiting new vulnerabilities 43% faster than in the first half of 2023, with attacks occurring just 4.76 days after a vulnerability is discovered, compared to eight days previously,” Rattipong stated.