Thailand eyes cyber fraud insurance framework

Government notes lack of formal rules for such coverage despite rising cyber threats

Thailand eyes cyber fraud insurance framework

Cyber

By Roxanne Libatique

Thailand’s National Cyber Security Agency (NCSA) is in the process of formulating a cyber fraud insurance framework to help businesses manage risks related to cyberattacks and data breaches.

According to a report by the Bangkok Post, NCSA Secretary-General AVM Amorn Chomchoey said cyber fraud insurance is not widely available in Thailand.

The country currently lacks formal rules or a regulatory framework for such coverage, despite the growing importance of personal data protection under the Cybersecurity Act and the Personal Data Protection Act (PDPA).

Chomchoey noted that leaked customer information is often exploited by scammers to cause financial and reputational harm.

Cyber fraud insurance

Cyber fraud insurance, also known as cyber risk insurance, is designed to reduce financial exposure from cybercrimes such as phishing, social engineering, and data breaches.

In established markets, this type of insurance typically covers costs associated with theft of funds, data, or digital assets. It may also provide compensation for damages to IT systems and networks, while offering third-party coverage for financial losses incurred by other businesses linked to the insured party.

For individuals, cyber fraud insurance can include protections against identity theft, fraudulent online transactions, and unauthorised use or publication of personal data. Additionally, such policies often assist with incident management, covering expenses for breach notification and response efforts.

Cyber fraud insurance framework in Thailand

The NCSA is currently working with the Office of the Insurance Commission (OIC) and other stakeholders to develop this insurance initiative.

Chomchoey indicated that the OIC would need to establish criteria for implementing and promoting cyber fraud insurance, which could include mandating its adoption among enterprises.

Previously, a mobile operator in Thailand provided compensation of 10,000 baht per person after a data breach affected its customers. However, this compensation was determined independently, in the absence of standardized guidelines or frameworks.

Cyber threats escalate across the Asia-Pacific region 

Akamai Technologies’ report, “Navigating the Rising Tide: Attack Trends in Financial Services,” identified the Asia-Pacific (APAC) region as having the highest global median threat score for phishing attacks targeting financial institutions.

The report revealed that financial services remain the top target for distributed denial-of-service (DDoS) attacks, accounting for 34% of global incidents in this category. The gaming and high-tech sectors followed at 18% and 15%, respectively.

DDoS attacks aim to overwhelm IT networks, causing service interruptions, customer dissatisfaction, and regulatory risks. Akamai attributed the increasing frequency of these attacks to geopolitical tensions, with hacker groups such as REvil, BlackCat, and KillNet exploiting conflicts, including the Russia-Ukraine war and the Israel-Hamas crisis.

Related Stories

Keep up with the latest news and events

Join our mailing list, it’s free!