Cybersecurity in Thailand remains ‘weak’ amid increasingly complex threats, especially from AI

Thailands cybersecurity landscape remains uncertain, with organisations facing rapidly increasing threats in both volume and sophistication. According to the National Cyber ​​Security Agency (NCA), organisations in Thailand experienced more than 1,002 cyber incidents between January and May 2025. Key challenges include new AI-driven threats and a shortage of cybersecurity talent.

The global cost of cybercrime is estimated to now exceed $7 trillion and is projected to continue to rise in the coming years. This assessment highlights the significant challenges businesses face as they navigate the evolving cyber threat landscape. Cloudflare has released the Cloudflare Signals Report, which provides a clear picture of the evolving cyber threat landscape and helps organizations better understand digital threats and strengthen their cybersecurity.

The study found that Cloudflare blocked more than 20.9 million DDoS attacks last year, a 50% increase from the previous year. Additionally, more than half (63%) of organizations in Thailand experienced a data breach. Despite government advice not to pay the ransom, 52% of breached organizations still paid the ransom. This reflects a troubling reality facing Thai organizations the scale and sophistication of cyber threats is outpacing traditional defenses.

Although the Thai government has launched the Cyber ​​Security Year, a collaboration between over 100 public and private sectors, to address the increasing threats, the increasing complexity of todays cyber security landscape means that cyber resilience is no longer the sole responsibility of IT departments alone, but rather a strategy that requires the entire senior management to be a part of.

Modern solutions solve emerging problems: Using AI to fight AI

The rise of remote work and cloud adoption has made the attack surface for internal threats even larger and harder to detect. Attackers are increasingly targeting automated attacks that can evade detection and exploit vulnerabilities faster than organizations can react. From credential stuffing and bot attacks to AI-powered DDoS attacks, 94% of login attempts using stolen credentials are now carried out by bots that can test thousands of passwords per second. AI-powered automation is also the leading cause of high-impact DDoS attacks, often driven by botnets and large numbers of insecure IoT devices.

Generative AI also allows criminals to seamlessly create virtual identities, mixing real and false information to evade traditional verification systems. AI-generated profiles, deepfakes, and automated attacks with stolen credentials make these fake identities increasingly difficult to detect.

AI-driven threats also require AI-powered defenses. As generative AI becomes part of workflows, organizations need to integrate AI-enhanced threat detection, automated defenses, and strong identity protection practices to ensure they are fully resilient to threats. Integrating AI into their overall security posture gives organizations a clearer, more holistic view of their security posture, and leverages AI-driven threat detection to analyze large data sets, detect anomalies, and counter new threats in real time.

Blind Spots: Shadow AI, Supply Chain Risk, Geopolitical Threats, and Post Quantum Readiness

The threats dont stop there, there are many challenges organizations face when it comes to security today. For example, employees are rapidly adopting AI tools that security teams cant keep up with, creating blind spots in shadow AI that can evade traditional controls and compliance. Geopolitical tensions are also spilling over into the cyberspace, with many organizations ignoring threats and thinking they have them under control, while state-sponsored attacks are disrupting industries and exposing serious vulnerabilities in supply chains.

Meanwhile, post-quantum cryptography adoption remains sluggish, with quantum-safe HTTPS traffic increasing from 3% to 38% year-over-year in March 2025. This sluggish adoption reflects a worrying lag in enterprise readiness. As quantum computing approaches the point where traditional encryption can be cracked, leaders must accelerate the adoption of post-quantum cryptography to protect data over the long term and meet evolving security requirements.

Supply chains remain one of the biggest weaknesses. With organizations relying on dozens to hundreds of third-party scripts, even one compromised server can open the door for attackers to gain entry. According to the World Economic Forum, 54% of large companies cite third-party risk management as a top cyber resilience challenge.

With the emergence of new risks, Zero Trust is no longer an option its a necessity to plug these gaps.
 

Zero Trust is the new standard in common use

Static passwords and multi-factor authentication (MFA) are no longer enough in a world plagued by threats like session hijacking, sophisticated phishing, and MFA bypasses. Organizations must evolve to a full Zero Trust architecture, including passwordless authentication and ongoing risk-based access controls.

It is encouraging to note that 65% of organizations have already invested or plan to invest in a Zero Trust solution, and 32% plan to do so this year. Organizations in Thailand can close this gap by evolving their Zero Trust strategy, moving from siloed controls to creating a single, enterprise-wide security layer, moving from a singular focus on managing secure remote access to a unified identity, data and traffic policy across all user environments.

Thankfully, many enterprise leaders are turning to platforms that are designed for resiliency, global adoption, autonomous response, and real-time visibility. This is real value, not just in reducing risk, but also in enabling organizations to be agile. The organizations that will thrive are those that embed Zero Trust in their digital foundations and make it part of their digital evolution, scalability, and secure innovation.

Compliance, continuity and safety must be designed in from the start.

Ultimately, regulatory compliance can no longer be an unplanned, reactive effort. Our study found that 63% of Thai organisations spend more than 5% of their IT budgets addressing compliance and regulatory requirements, while 59% report spending more than 10% of their workweek meeting regulatory and industry certification requirements.

Last year, the Personal Data Protection Committee (PDPC)s Expert Committee fined a data controller THB7,000,000 for a personal data breach. The company was subsequently ordered to appoint a Data Protection Officer (DPO), improve its data security measures, and provide data protection training to its employees. The additional fines and enforcement orders demonstrate that the Expert Committee is ready to take full and long-term regulatory action against violators of the Personal Data Protection Act (PDPA).

In addition to avoiding legal penalties, building strong security measures has broader implications for maintaining trust, reputation and long-term resilience in an environment where the costs or fines for failing to take appropriate action are increasing.

In an era of AI-driven attacks, heightened regulatory demands, and complex digital connections, cybersecurity should no longer be isolated, reactive, or an afterthought. Security cannot wait, and neither should businesses. In addition to responding to threats, organizations need to build resilience into their processes, innovation, and growth. The future will belong to organizations that act decisively by deploying AI-powered defenses, securing supply chains, accelerating readiness for post-quantum threats, and embedding a Zero Trust mindset across their systems. And it should be done now. In the era of AI, security is not an option, it is a cornerstone.
 

Cloudflare / FAQ Co., Ltd. (PR)