The standards apply to government agencies, regulatory bodies, and Critical Information Infrastructure (CII) organizations that must follow cybersecurity practices defined by the National Cyber Security Agency.
Publishing a list of CII organizations could create security risks, as malicious actors might use the information to target critical systems.
Yes. All government agencies must comply with cybersecurity frameworks defined under Section 45 of the Cybersecurity Act B.E. 2562 (2019).
A Sectoral CERT is a cybersecurity coordination center responsible for monitoring threats and responding to incidents within a specific critical infrastructure sector.
The organization should report the incident to the appropriate CERT or regulatory authority and collect relevant information to support investigation and response.
Cyber Threat Intelligence refers to analyzed information about cyber threats, including attack patterns, vulnerabilities, and threat actors, helping organizations improve defense strategies.
Training and knowledge resources are available through initiatives such as the Thailand National Cyber Academy (THNCA), NCSA Cyber Clinic, and the National Cyber Exercise.
Organizations can contact CERT teams or regulatory authorities via official email addresses or contact numbers listed on official cybersecurity agency websites.