Cybersecurity pros lacking in Thailand
IT officials want the number of professionals with certification to go up by five fold in the next four years
By Komsan Tortermvasana
Thailand is facing a big shortage of information security professionals, with fewer than 1,000 Thais working in the cybersecurity field.
Of the total, only 198 Thais have Certified Information Systems Security Professional (CISSP) qualifications, a worldwide standard for digital security literacy — 13 times less than South Korea — according to Surangkana Wayuparb, chief executive of the Electronic Transactions Development Agency (ETDA).
To successfully deal with growing cyberthreats, the number of CISSP professionals should be increased to 500 by next year and 1,000 by 2022, said Ms Surangkana.
“Cybersecurity is a primary form of soft infrastructure for digital economy development,” she said.
According to the ETDA report, cyberattacks increased 10 per cent year-on-year in terms of fraud, scams, hacking, system attacks, and malware that is used for cybercrime, terrorism or destruction.
Last year, there were 3,797 cases reported to the ETDA, with the actual numbers likely higher.
Among countries in Asia, the number of cybersecurity professionals is low in Thailand.
South Korea has the most CISSP experts with 2,766, followed by 1,877 in India, 1,720 people in Japan, 1,579 in Singapore, 1,472 in Hong Kong, 1,457 in China, 287 in Malaysia and 109 people in the Philippines.
To deal with the need for more cybersecurity professionals, Ms Surangkana said the ETDA and the Thailand Information Security Association jointly created the Information Security Expert Certification (ISEC), a cybersecurity course for Thais, in 2013.
The local standard for cybersecurity certification is called CISSP (Thai).
Around 495 people have enrolled in the course since 2013, but only 105 of them received certification as cybersecurity experts. The course is open to state and private employees free of charge.
Ms Surangkana said those who were certified by the ISEC are ready to undertake the international CISSP exam.
A weak point of several state agencies is that they lack security awareness at numerous managerial levels, she said.
The ETDA established the ThaiCERT (Computer Emergency Response Team) unit in 2015, offering the Government Monitoring System to state agencies.