Sustainability Report

Cybersecurity

With the rapid advancement of technology in today’s era, people can enjoy a comfortable lifestyle by carrying out activities online without the need to physically verify their identity or to use cash or paper. While this has significantly changed the way services are provided, it has also given rise to new risks that can cause potential damage. The Bank is therefore fully aware of the increasing cyber threats and is committed to ensuring the security of customer and employee data in order to prevent any unauthorized access and fraudulent activities that could damage the Bank's reputation and customer service.

To manage these risks, the Bank has appointed Mr. Cherdsak Nana, a Senior Director, as its Chief Information Security Officer (CISO). He is responsible for the Bank’s cybersecurity strategies and programs, which encompass the creation, execution, measurement and monitoring of cybersecurity initiatives across the organisation. In addition, Mr. Nana provides regular updates to the Board on the Bank’s progress in enhancing its cyber threat prevention capabilities, as well as on the results of its Cybersecurity Assessment and the annual plan to improve the cybersecurity of its control systems. The Bank has implemented a robust cybersecurity program that adopts internationally recognized security frameworks and guidelines. This program incorporates cybersecurity and data privacy regulations and best practices, and is regularly assessed and updated to enhance its effectiveness in protecting against cyber threats.

The Bank has established information security standards that guide employees in carrying out their current operations appropriately and securely against cyber threats. To keep these standards reliable and consistent with current changes, they refer to international standards such as Swift CSCF, PCI DSS, NIST and ISO/IEC 27001:2013 (ISMS: Information Security Management Systems), which the Bank has adopted for its Trade Finance, Trade Online, BAHTNET, Imaged Check Clearing System (ICAS) and Data Center, as well as for the Bank’s Cloud system, which is certified to the CSA Cloud standard; they also take into account the laws and regulations of the Bank of Thailand. The security standards are reviewed and improved at least once a year, and the Bank tests its response to abnormal cyber incidents (incident response).

If a general abnormality occurs, the response is taken immediately. If a complex abnormality is detected, it is thoroughly analyzed and examined by specialized experts to determine the most effective way to manage it. In the event of a serious impact, the Incident Escalation Process is initiated and the matter is reported to the Chief Information Security Officer (CISO), Chief Information Officer (CIO) and Chief Executive Officer (CEO) for immediate action. This may involve enhancing the security system, improving operator skills and processes, and refining internal and external communication processes. The Bank also participates in cyber threat response drills with external agencies such as the Thailand Banking Sector CERT (TB-CERT), financial regulators including the Bank of Thailand, the Office of the Securities and Exchange Commission, the Stock Exchange of Thailand and the Office of Insurance Commission, and the National Cybersecurity Agency.

In addition, Krungthai Bank has established a Hybrid Cybersecurity Operation Center (Hybrid CSOC) to monitor and respond to cyber threats, which is fully compliant with international standards. The center is equipped with a robust security system, well-trained staff, and streamlined work processes that are supervised in an automated manner through Security Orchestration, Automation and Response (SOAR) technology. A team of experienced professionals from both Thailand and abroad is responsible for proactive threat hunting and provides 24-hour surveillance services. The Bank is also a member of the Financial Services - Information Sharing and Analysis Center (FS-ISAC) to stay informed about the latest cyber threats and attacks on global financial institutions. Through this partnership, the Bank is able to analyze and share cyber intelligence, strengthening the protection and monitoring provided by its Proactive Defensive System. This includes monitoring external cyber threat intelligence (Cyber Threat Intelligence Service) that is relevant to the Bank and its customers. In the event of an abnormal event, the Bank is prepared to notify each affected customer directly, in order to build confidence in its ability to respond effectively and in a timely manner and to demonstrate its readiness, durability and flexibility in the face of cyber-attacks (Cyber Resilience).


Building a Cybersecurity Culture

Krungthai Bank places a high priority on fostering a culture of cyber awareness throughout the organization. By promoting a sense of responsibility for cybersecurity, the Bank aims to better counter various types of cyber-attacks across all online communication channels, including email, the Bank's website, and the One application. Krungthai also communicates regularly with customers to raise awareness of cybersecurity, for example through phishing awareness emails and SMS messages and other communications about new threats. The Bank has also organized an activity called "Krungthai Security Awareness 2022" - The PROTECTER, which is designed to raise awareness of cybersecurity among employees. This activity features nationally qualified speakers and academics from leading educational institutions who provide an overview of the cyber threat landscape and teach employees how to protect themselves and the Bank from electronic threats delivered via online systems. In addition, Krungthai is committed to providing cybersecurity training for branch staff and has developed a comprehensive training plan that takes into account the context and the threats that arise each year.

The Bank is dedicated to ensuring that all employees receive cybersecurity training in various formats to enhance their understanding of cyber threats and of the measures needed to protect against them. Examples of the training offered include:

  • Organizing cybersecurity training events with speakers who have knowledge and expertise in various fields, in line with information security standards, to enhance employee knowledge of cybersecurity and of methods for protecting against cyber threats.
  • Using e-learning activities to provide employees with knowledge of cybersecurity, followed by cybersecurity quizzes that test their understanding.
  • Performing cyber drills, including at least two Phishing Email Simulation Tests annually, in which simulated fraudulent emails are sent to employees and executives so that they remain aware that threats can occur at any time and are better prepared to identify potential dangers.
  • Publishing relevant and useful news through various channels, such as email, the intranet and the One Krungthai Application, including detailed information on how employees and executives can report any information security abnormality at any time.

Download: IT Governance Structure (PDF, 0.16 MB)