More investment needed to bolster cybersecurity in Asean 

Gareth Pereira, principal of communications, media and technology at ATKearney, a global management consulting firm , said that underinvestment (in Asean region) is aggravating the cybersecurity threat. Cybersecurity risk across the Asean region will continue to increase as the countries are more digitally interconnected.
Currently, companies in Asean face an exposure of US$750 billion from cyberattacks and underinvestment in tackling the threat is aggravating risks across the region.
He also recommended that Asean region need to spend between US$67 to 171 billion over the next 8 years until 2025, to improve its cyber resilience. 
The region spends an average of 0.07 per cent of its collective GDP on cybersecurity annually. It is almost half of the countries' cybersecurity spending or 0.12 per cent of their GDP. 
In Thailand, spending in cybersecurity is 0.05 per cent of GDP, slightly above the average investment among Asean countries. 
Asean region would need to increase spending to between 0.35 and 0.61 per cent of GDP between 2017 and 2025, to be in line with the best in class benchmark (based on spending levels as percentage of GDP for Israel) at 0.35 per cent of GDP. The research estimates that this translates to US$171 billion in collective spending needed across Asean during the period. 
Meanwhile, Thailand's cybersecurity spending is estimated at US$23.3 billion over the next 8 years, or 0.35 per cent of GDP. 
According to Frost & Sullivan, IDC, and Gartner, in 2017, Thailand spent US$212 million in cybersecurity and expected to spend $243 million in 2018. Without urging, it is expected that Thailand's cybersecurity in 2025 will be US$511 million or 0.07 per cent of its GDP.
Vatsun Thirapatarapong, managing director of Cisco in Thailand and Indochina, said that as digital adoption grows across the region, the cybersecurity threat will increase. To be ready to tackle the issue, countries need to build the next wave of cybersecurity capability including developing the next generation of cybersecurity professionals and strengthening the local cybersecurity industry. 
In Thailand, The Electronic Transactions Development Agency (ETDA) aims to expand the country's cybersecurity workforce to 12,000 by 2021. 
“At Cisco, we are helping to build a cybersecurity workforce by providing practical security courses through the Cisco Networking Academy,” he said.
According the research report, the cybersecurity threat landscape is evolving rapidly due to the emergence of new technologies such as the Internet of Things (IoT) and the shortage of skilled and qualified cybersecurity professionals globally.
The end points in an IoT network often tend to be unsophisticated devices such as household gadgets, making it easier for attackers to hack the network. IoT attacks are already prevalent in Asia.
However, Pereira said that a combination of nascent policy preparedness, absence of a unifying regional governance framework, shortage of skilled talent, underestimation of risk and lack of adequate investment are among the factors that are contributing to the heightened risk.
Therefore, the role of the government is the facilitator to encourage the industries to invest in cybersecurity through the establishment of strategy, legislation, governance and operational entities.