The Cyber Security Act B.E. 2562 came into force on May 28, 2019 with the objective of defining policies, measures, guidelines for maintaining cyber security. For government agencies and the private sector that are important information infrastructures to prevent, cope and reduce risks from cyber threats. not to affect the security of the state and peace within the country, including the Office of the National Cybersecurity Commission (NSC) to be the agency responsible for the work under the Act and coordinate operations with both the public and private sectors whether in general or situations that pose a serious threat to security This will make the prevention and response of cyber threats more effective.
Duties and powers of the Office
- (1) Recommend and support in the preparation of policies and plans on cybersecurity. and the action plan for maintaining cyber security under Section 9 to the Committee
- (2) Prepare a code of practice and a standard framework for maintaining cyber security under Section 13, paragraph one (4), for submission to the CRC for approval.
- (3) Coordinate actions to maintain cybersecurity of critical information infrastructure agencies under Section 53 and Section 54.
- (4) to coordinate and cooperate in establishing a security coordination center for computer systems in the country and abroad in connection with cybersecurity incidents and determine the measures used to solve problems in order to Maintain cyber security
- (5) Execute and coordinate with government and private agencies in responding and dealing with cyber threats as assigned by the Commission.
- (6) Surveillance the risks of cyber threats, monitor, analyze and process information about cyber threats. and alerts about cyber threats
- (7) Operations, coordination, support and assistance Agencies involved in implementing cybersecurity policies and plans Cybersecurity Action Plan and measures to prevent, cope and reduce risks from cyber threats or by order of the Board
- (8) Take action and cooperate or assist in the prevention, countermeasure and reduction of risks from cyber threats. especially cyber threats that affect or occur to critical information infrastructure
- (9) Enhance knowledge and understanding about cybersecurity This includes raising situational awareness about cyber threats together in order to implement integrated and up-to-date operations.
- (10) To be a center for collecting and analyzing information on cybersecurity of the country. Including disseminating information related to cybersecurity risks and incidents to government agencies and private agencies.
- (11) To be a center for coordination between agencies on cybersecurity of government agencies and private agencies. both at home and abroad
- (12) to enter into agreements and cooperate with organizations or agencies both domestically and internationally in matters relating to the performance of duties and powers of the Office; Upon approval from the Board of Directors
- (13) Study and research information necessary for maintaining cyber security. To make recommendations on cybersecurity measures Including regular training and training on how to deal with cyber threats for relevant agencies.
- (14) Promote, support and act in disseminating knowledge about cybersecurity. as well as conduct training to enhance skills and expertise in performing duties related to cybersecurity
- (15) Report on progress and situation regarding the implementation of this Act. including problems and obstacles proposed to the Board of Directors for consideration and proceedings within the period specified by the Board.
- (16) to perform any other work related to the maintenance of cybersecurity of the country as assigned by the Committee or the Council of Ministers for the purpose of carrying out the duties and powers under (6), the Office shall establish a system security coordination center; National computer is a unit within the office. and shall have duties and powers as prescribed by the Board.
