Protecting tomorrow by tackling advanced cyber threats today

PwC Thailand Spotlight podcast series

Cybersecurity threats are an ever-present and rapidly evolving challenge. To maintain seamless and secure business operations, Thai organisations must implement robust cyber defences capable of addressing emerging risks. What are some common pitfalls of conventional cybersecurity approaches? How can they overcome these challenges to strengthen their cybersecurity defences? Find out in this podcast.

Guest

Prasert Jarusripat
Risk Assurance Partner
PwC Thailand

Transcript

Piyanat Suanapai
PwC Thailand Spotlight, insights on business and industry trends in Thailand and beyond.

Hello, I’m Piyanat Suanapai, your podcast host.

Cyber threats are increasing in number and frequency, as well as growing in complexity. Businesses are facing security challenges they’ve never encountered before. Protecting data and ensuring continuous, secure operations are crucial. The emergence of new cyberattack methods requires having strong cyber defences to prevent potentially unexpected and damaging consequences.

Today, we have Prasert Jarusripat, Risk Assurance Partner, PwC Thailand, with us on the podcast. He’ll take you on an insightful journey through the current cyber threat landscape in Thailand and share the most effective strategies for combating these risks. Let’s dive into the conversation with him now.

Hello Prasert.

Prasert Jarusripat
Hello.

Piyanat
How are current cyber threat trends evolving, and what new cybersecurity measures do Thai organisations need beyond standard cybersecurity measures?

Prasert
Over the past three to four years, many organisations have made significant changes in their IT systems. These include adopting new technologies such as blockchain and artificial intelligence. Some businesses have found that managing everything in-house is no longer feasible due to the high investment required. As a result, they’ve started outsourcing IT services to external providers—commonly referred to as IT outsourcing or third-party IT services. Even organisations that previously insisted on maintaining all their data internally have begun migrating data to the cloud. That way, they can offer new services to clients and support business growth while simultaneously reducing operational costs.

However, these technologies can also facilitate various cyber threats, such as malware, ransomware and zero-day attacks. These emerging threats have rendered many of the traditional cybersecurity measures insufficient. Despite having good protection, many organisations have been unprepared for the complexity of these threats and how quickly they’ve evolved. We’ve seen numerous news reports of data breaches, stolen or sold information, and ransomware incidents locking down computer systems.

So, organisations should adopt a hybrid approach that combines prevention and detection solutions. That way, they can minimise the risk of attacks as well as see when threat actors attempt to breach systems and get around existing defences.

Piyanat
Based on your experience, what do you see as the key challenges Thai businesses face in defending against cyber threats? Many organisations experience recurring cyberattacks. Beyond standard security solutions, what else can help prevent or detect anomalies before businesses fall victim to cybercriminals?

Prasert
That’s a very good question. Many organisations face similar challenges. They have invested heavily in security tools, yet they still struggle to effectively prevent cyber threats.

One of the key issues I’ve heard repeatedly is that IT departments often don’t have a comprehensive inventory of their organisations’ IT assets. They may not know how many devices are in use, where these devices are located or who is responsible for them. In some cases, the IT department relies on asset registers maintained by other departments. However, these records are often incomplete or aren’t updated in a timely manner. For example, sometimes IT receives information that’s already six months old. This lack of timely and accurate information makes it difficult for IT teams to implement effective protection strategies in time. Some devices haven’t received critical patches, which are essential because they close newly discovered vulnerabilities that arise continuously in active systems. In some cases, systems have gone without patching for over 12 months. This is a major reason why organisations fall victim to cyberattacks, resulting in system damage or data breaches.

So, the current trend among many IT departments is to move away from manual security management toward automated solutions. These provide a centralised, real-time overview of all devices within the organisation. IT departments can see which assets are present, who manages them and their security status. They can quickly close security gaps remotely and immediately block compromised devices from the network.

Even with robust defences, new technologies inevitably bring new types of risks. It’s therefore likely that existing preventive measures can’t block every novel threat. Organisations must be able to detect anomalies. There are two ways to do this.

The first is establishing a Security Operations Centre (SOC), so the organisation can internally monitor and analyse irregular activities. The advantage here is that critical data remains in-house. There’s no need to share it with external parties. However, a SOC requires substantial investment. It requires advanced technology and hiring experts to continuously review logs and respond to incidents.

The second option is to outsource log management to a managed service. The benefits of this approach are lower investment costs in infrastructure and personnel, access to standardised processes and flexible pricing based on usage. The trade-off is that organisations must share their logs with an external provider. Many organisations increasingly prefer managed services, but they must select trustworthy and reputable providers.

Piyanat
What cybersecurity investments should Thai companies prioritise right now, and what roles do employees play as the first line of defence against cyber threats?

Prasert
I think the most valuable investments currently shouldn’t focus solely on adopting new technologies or tools. Development of an organisation’s personnel and internal processes is just as important.

For employees, ongoing cybersecurity training is essential to build awareness around security best practices in their daily activities and transactions. It’s critical to foster a culture where employees are encouraged to recognise and promptly report any anomalies or suspicious activity to security teams.

From a process perspective, I strongly recommend that organisations adopt internationally recognised standards or frameworks. For example, using those from the National Institute of Standards and Technology (NIST) or guidelines issued by Thai regulators. Select a standard that aligns with the organisation’s operating model. That will set the foundation for robust governance, end-to-end security management processes and continuous process improvement.

Investments of this nature should be holistic, encompassing people, processes and technology.

Piyanat
Finally, what’s your outlook on the future landscape of cyber threats? What advice would you give to Thai organisations that are looking to start building their cybersecurity defences?

Prasert
Cyber threats are becoming more complex and severe. Many companies have started adopting AI systems, which can sometimes bypass traditional security controls. For example, AI can decrypt encrypted data, potentially enabling unauthorised access to sensitive organisational information. Additionally, as I mentioned earlier, many organisations rely on outsourced or third-party providers. When organisational data is entrusted to these providers, inadequate security management on their part elevates the risk of cyberattacks. Therefore, it’s highly unlikely that a single security measure can offer 100% protection against all cyber threats.

Thai organisations should evaluate three key areas. First, conduct a comprehensive risk assessment on the business and IT systems in use, then implement a balance of preventive and detective controls. Second, have full visibility into all existing IT systems and devices to ensure security vulnerabilities can be addressed thoroughly and promptly. Where possible, adopt automated security solutions. Third, evaluate your security management model to determine whether it’s more suitable to manage everything in-house or to leverage managed services. If you decide on managed services, ensure you select only trusted and reputable providers.

Finally, beyond technology and good management processes, organisations should cultivate a strong cybersecurity culture among employees. This will enhance organisational resilience and readiness to respond effectively to future threats.

Piyanat
What Prasert just shared reemphasises that having strong cybersecurity measures isn’t just a technical issue. It’s a competitive advantage that strengthens business operations. Investing in and seriously prioritising cybersecurity helps ensure seamless and secure operations while also building trust with customers and business partners.

Thank you, Prasert, for joining us today to share your insights.

Prasert
Thank you and you’re very welcome.

Piyanat
For more information, please visit our website at www.pwc.com/th or follow PwC Thailand social media channels – LinkedIn, X and Facebook for our latest updates.

Don’t forget to like and follow the PwC Thailand Spotlight podcast series so you don’t miss out on our new episodes.

That’s it for today, thank you and goodbye.

