Fifty-eight percent of organisations across Thailand encountered cyberthreats powered by artificial intelligence (AI) in the past year, while 90% of organisations are already using AI in their security environment, according to a survey commissioned by Fortinet.
The 2025 IDC survey covered 550 IT and security leaders across 11 Asia-Pacific markets including Thailand between February and April 2025, with 88% of respondents from organisations with more than 250 employees who were directly involved in cybersecurity decision-making.
Supakorn Kungpisdan, country manager for Fortinet Thailand and Laos, said chief information security officers (CISOs) across Thailand are entering a more advanced phase of cybersecurity planning. They are finding that AI is not only augmenting defences, but also influencing how organisations structure teams, allocate budgets and prioritise threats.
According to Fortinet, AI is transforming cybersecurity on both sides of the battlefield.
Defenders are using it to automate threat detection, accelerate incident response and scale intelligence at unprecedented speed.
Attackers are harnessing AI to craft faster, stealthier and more adaptive threats, making the race between offence and defence more dynamic than ever, noted Fortinet.
According to the IDC study, 58% of organisations across Thailand report encountering AI-powered cyberthreats in the past year. Of those, 62% reported the increase doubled and 34% reported a threefold gain in threat volume.
These attacks are harder to detect and often exploit blind spots in visibility, governance and internal processes.
In contrast, more than 90% of organisations across Thailand are already using AI in their security environment.
Organisations are rapidly progressing from AI-powered detection to more advanced use cases such as automated response, predictive threat modelling, AI-driven incident response, AI-powered threat intelligence and behavioural analytics, according to Fortinet.
These top five use cases reflect how detection has become an essential requirement, while response, prediction and orchestration are now the next frontier.
Generative AI is also gaining traction, with adoption focused on light-touch tasks such as updating rules and policies.
However, trust in autonomous action remains limited. Use cases such as auto-remediation and guided remediation are not widely deployed, signalling we are still in the ‘co-pilot’ phase of adoption, noted the study.
Top 5 roles
Across Thailand, the top five cybersecurity roles in demand include security data scientists, threat intelligence analysts, AI security engineers, AI security researchers and AI-specific incident response professionals.
Cybersecurity budgets are rising, with 92% of Asia-Pacific organisations reporting an increase. However, the vast majority of these increases were modest, as 74% reported an uplift of less than 5% and only 18% saw increases between 5-10%. This suggests that while budgets are growing, spending remains focused on covering rising operational and talent costs, noted Fortinet.
The top five areas of investment over the next 12-18 months include identity security, network security, cyber-resilience and cloud-native application protection. This indicates a strategic shift from infrastructure-heavy spending towards more targeted, risk-centric priorities that reflect the evolving threat landscape.
Despite growing executive focus on cybersecurity, most teams remain under-resourced. Just 6% of staff are in internal IT, and only a fraction of those focus on security. Fewer than one in six organisations have a dedicated CISO, and only 6% have specialised security teams, according to Fortinet.
This lack of focus is hurting performance – over half of respondents report rising threats, tool overload and talent challenges, driving burnout and highlighting the need for smarter resourcing.