NRCA
- 08 พ.ย. 66
-
291
-
NRCA, conducted the first cyber security drill for electronic certificate authorities (CAs) in Asia–Pacific
ETDA, through NRCA, conducted the first cyber security drill for electronic certificate authorities (CAs) in Thailand for its member agencies (SubCAs) and observers on November 2 and 3, 2023. The drill was conducted to enhance the response and recovery capabilities of CAs and to prepare them for potential cyber threats.
Dr Chaichana Mitrpant, the CEO of the Electronic Transactions Development Agency (ETDA), stated on the first CA TTX drill that certification authorities, or CAs, play a significant role in incident response and deal with cybersecurity attacks on the CA infrastructure and data breach situations.
The drill was conducted in a tabletop exercise format, which is a simulated exercise that allows participants to practice their response and coordination skills. The drill scenario involved a CA being compromised by a cyber attack, which resulted in the issuance of fraudulent certificates and the leak of customer data. This incident had a significant impact on the CA's services and reputation.
The drill was a valuable opportunity for CAs to practice their response and recovery procedures in a realistic setting. It also helped to identify areas where CAs can improve their security posture.
Specifically, the drill objectives were to:
- Enhance the response and recovery capabilities of CAs
- Prepare CAs for potential cyber threats
- Identify areas where CAs can improve their security posture
The drill was a success in achieving its objectives. CAs were able to practice their response and coordination skills in a realistic setting. They also identified areas where they can improve their security posture.
ETDA and NRCA will continue to work together to promote cyber security for CAs in Thailand. For further information, please see the link:
https://www.nrca.go.th/tha/index.html