Thailand: Implemented NCSC criteria for defining organisations with missions or services as critical information infrastructure and assigning oversight and regulation

On 24 August 2021, the National Cyber Security Committee (NCSC) implemented an order establishing criteria for defining organisations with missions or services as critical information infrastructure. This order, under the Cybersecurity Act B.E. 2562, aims to identify organisations whose operations are vital for national security, economic stability, and public health, among others, ensuring they fall under appropriate regulatory oversight. It defines the roles and services of various government and private entities that qualify as critical infrastructure. It also designates responsible regulatory bodies for overseeing cybersecurity measures related to these critical organisations. The guidelines cover a range of sectors, including national security, public services, finance, information technology, transportation, energy, and healthcare.