In the face of the growing cyber attacks over the Internet, The Government of Thailand is working to qualify its citizens and cadres and provide them with cybersecurity skills to face cyber threats, This is done through training courses for employees, a learning platform for citizens and the sharing of international experiences to build capacity in this sector.
With the global trend towards digitalization, New and sophisticated forms of cybercrime are emerging that are divided into two main categories, The first targets computers as viruses, The second uses computers to spread malware and damage other devices. This prompts governments to put in place precise regulatory requirements to protect their institutions and infrastructure.
The number of such attacks in Thailand is doubling daily. It may cost the economy more than 2% of GDP, Especially since Thai institutions and companies are not sufficiently protected due to the lack of experts capable of keeping pace with the rapid development of the digital economy, And whose number does not exceed 250. All of this has undermined public trust in government institutions and critical infrastructure. The most reported cybercriminals in the country are call center fraudsters who cause their victims tens of thousands of dollars in losses annually.
For these reasons, The National Cybersecurity Agency seeks to launch a project capable of improving the cybersecurity capabilities of citizens, To be responsible for developing the skills and competencies related to it for public and private sector workers and ensuring the achievement of international standards. In this project, the Agency relied on an innovative approach based on engaging and developing the skills of the public through electronic means that are easy to use and access.
This trend came especially after the phenomenon of electronic fraud worsened during the spread of the Covid-19 pandemic with the increasing rates of online work. Major companies have been subjected to serious attacks that included brand impersonation, data mining and destruction. This leaves a huge impact on businesses that need a long time to recover in its wake, One campaign targeted several hospitals by hacking their data and demanding a $30,000 ransom. This has caused great turmoil for the government, which adopts the slogan "People First", Disrupting a vital sector like the health sector puts people's lives at risk.
First thing The Agency has launched an intensive capacity-building program targeting workers in 7 critical information infrastructure sectors. These are the State Security Agencies, and public services, finance, Communications and information technology, Transportation and logistics, energy, and public health. Then The agency will make cybersecurity accessible to the public using e-learning platforms that will offer educational materials and training courses in Thai. The Agency also conducts electronic competitions among learners to encourage them. The "Best Cyber Talent" competition, organized by the IAEA in cooperation with Huawei, attracted 600 participants in 2021.
In the world of technology, Proven solutions outperform development methodologies, so, The agency relies on cyber intelligence companies that have teams specialized in monitoring online activities. Although developers can use machine learning algorithms to automatically recognize cyberattacks before they occur, The agency has found firewalls more useful, Adding them to the software of a web application allows us to know the source of requests, It determines whether it is a hacking attempt or not.
For now The agency is developing cybersecurity learning classes at the National Academy of Cybersciences, With the aim of transferring basic and advanced cyber knowledge to 2,250 government employees and 1,000 specialists and executives in key infrastructure sectors. It will also prepare training courses to prepare auditors and qualify cadres working in various organizations to build their capacities in this field. It is demanding the establishment of a critical infrastructure to alert authorities to any cybersecurity breach attempts.
Because hackers' strategies are constantly evolving and must be kept up, The Agency adopts a shared learning approach, It studies the experiences of different countries such as the United States and Australia, It receives training from research institutions such as the American "Meter" Foundation, It cooperates with Asian countries such as Singapore, Through the Asian Singapore Centre of Excellence in Cybersecurity, It supports the sharing of international knowledge and cybersecurity across the continent. Internally, The Agency collaborates with the Ministries of Education and Global Education to develop students' talents and e-skills.
After the government developed the plan to adopt the digital economy and community work between 2018 and 2022, It issued a law for the protection of personal data and another for cybersecurity. The latter allows it to track and monitor all electronic activities in the name of an emergency or as a precautionary measure, Including the work of private organizations that may require the disclosure of stakeholder names and contact information. As for the Personal Data Protection Law, It was similar to the EU GDPR system with minor modifications to suit local needs, It gives citizens and businesses control over how their data is collected, stored, shared, and protected by organizations.
But the cybersecurity law has been widely criticized because it gives the government broad powers in the country's digital economy. The Government explained that it was necessary, Especially for companies that use or provide computer systems that benefit national security institutions or are related to public services.
It is noteworthy that the educational platform attracts hundreds of interested people, Specialists also noted that turning any educational material into a game increases the interest of the recipients, Especially if this material is cybersecurity, This may lead students to think of it as a future career and thus compensate for the lack of future skills. This also establishes a state of knowledge sharing, and promotes the farthest objective of the project, It is capacity building and strengthening protection against cyberattacks.