Paiboon Amonpinyokeat, a member of the committee that amended the bill, said the law covers only cyber-incidents affecting critical information infrastructure, such as utilities. The second oversees national cybersecurity, led by the deputy prime minister for defence. Each critical information infrastructure agency will have its own cyberteams needed to comply with the requirements and be audited by a third party. In the event that the critical information infrastructure agencies are believed to have been attacked, the NSA will have to ask for a court order before accessing their systems. Mr Paiboon said any person causing a data leak from critical information infrastructure, whether intentionally or not, must be sentenced to jail for 3-7 years.

Source: Bangkok Post December 19, 2018 22:30 UTC