Causal Factors Influence the Cybersecurity Readiness Capability in the Royal Thai Air Force
Article Sidebar
Main Article Content
Abstract
Royal Thai Air Force’s mission is to prepare and deploy air power to maintain national security. However, maintaining security must be conducted both physically and digitally. In particular, the digital aspect focuses on critical digital infrastructure. At the same time, cyber risks and threats must also be taken into consideration. This research aims to study and analyze the causal factors that influence the cybersecurity readiness capability in the Royal Thai Air Force. The researchers employ structural equation modeling, using a sample of 810 personnel working in digital technology and cybersecurity for the Royal Thai Air Force. The research findings indicate that the Royal Thai Air Force has the highest level of readiness for cybersecurity. Additionally, the factors of personnel, processes, and technology readiness capability positively influence the cybersecurity readiness capability in the Royal Thai Air Force. Therefore, developing cybersecurity capabilities for the Royal Thai Air Force should focus on personnel, processes, and technology simultaneously. Particularly, the aspects of personnel and processes are of great importance, as it will significantly enhance the sustainable strength of the Royal Thai Air Force’s cybersecurity. Additionally, we have proposed a cybersecurity framework aimed at enhancing the readiness and strengthening the effectiveness of the Royal Thai Air Force in preventing cyber threats.
Article Details
References
Royal Thai Air Force. (2020). Royal Thai Air Force Strategy for 20 years (2018 - 2037) (Revised edition 2020). [Online]. Retrieved from: https://welcome-page.rtaf.mi.th/blog/e-ksaarephyaephr-11/yuththsaastrk-ngthaph-aakaas-20-pii-ph-s-2561-2580-38. (in Thai)
Laohhapaibon, P., and Kongwut, O. (2024). Integrating Artificial Intelligence (AI) and Artificial General Intelligence (AGI) to Enhance the Cybersecurity System of the Royal Thai Air Force’s Cyber Center. NKRAFA Journal of Science and Technology, 20(1), 131-140.
Annarelli, A., Nonino, F., and Palombi, G. (2020). Understanding the management of cyber resilient systems. Computers and Industrial Engineering, 149, 106829. https://doi.org/10.1016/j.cie.2020.106829
Bada, M., Sasse, A. M., and Nurse, J. R. C. (2015). Cyber security awareness campaigns: Why do they fail to change behaviour? Presented at the International Conference on Cyber Security for Sustainable Society (CSSS).
Berlilana, Noparumpa, T., Ruangkanjanases, A., Hariguna, T., and Sarmini. (2021). Organization benefit as an outcome of organizational security adoption: The role of cyber security readiness and technology readiness. Sustainability, 13(24), 13761. https://doi.org/10.3390/su132413761
Borgman, B., Mubarak, S., and Choo, K. K. R. (2015). Cyber security readiness in the South Australian Government. Computer Standards and Interfaces, 37, 1-8. https://doi.org/10.1016/j.csi.2014.06.002
Cheang, S. (2009). Conceptual model for cybersecurity readiness assessment for public institutions in developing country: Cambodia. The Proceedings of the 2009 Fourth International Conference on Computer Sciences and Convergence Information Technology, 1411-1418. https://doi.org/10.1109/ICCIT.2009.242
Eilts, D. (2020). An Empirical Assessment of Cybersecurity Readiness and An Empirical Assessment of Cybersecurity Readiness and Resilience in Small Businesses Resilience in Small Businesses. [Online]. Retrieved from: https://nsuworks.nova.edu/gscis_etd
Fornell, C., and Larcker, D. F. (1981). Evaluating structural equation models with unobservable variables and measurement error. Journal of Marketing Research, 18(1), 39-50. https://doi.org/10.2307/3151312
Georgiadou, A., Mouzakitis, S., and Askounis, D. (2021). Assessing MITRE ATTandCK risk using a cyber-security culture framework. Sensors, 21(9), 3267. https://doi.org/10.3390/s21093267
Hair, J. F., Anderson, R. E., and Black, W. C. (2014). Multivariate data analysis. 7th ed. Upper Saddle River, NJ: Prentice Hall.
Hasan, S., Ali, M., Kurnia, S., and Thurasamy, R. (2021). Evaluating the cyber security readiness of organizations and its influence on performance. Journal of Information Security and Applications, 58, 102726. https://doi.org/10.1016/j.jisa.2020.102726
International Organization for Standardization. (2022). ISO/IEC 27001:2022 - Information security, cybersecurity and privacy protection - Information security management systems - Requirements. International Organization for Standardization. [Online]. Retrieved from: https://www.iso.org/standard/82875.html
Leavitt, H. J. (1965). Applied organisational change in industry: Structural, technological and humanistic approaches. In J. G. March (Ed.), Handbook of organisation. Rand McNally and Company. Chicago, Illinois.
National Institute of Standards and Technology. (2018). Framework for improving critical infrastructure cybersecurity (Version 1.1). U.S.: Department of Commerce. https://doi.org/10.6028/NIST.CSWP.04162018
Neri, M., Niccolini, F., and Martino, L. (2024). Organizational cybersecurity readiness in the ICT sector: A quanti-qualitative assessment. Information and Computer Security, 32(1), 38-52. https://doi.org/10.1108/ICS-05-2023-0084
Nunnally, J. C. (1978). Psychometric theory (2nd ed.). New York: McGraw-Hill.
Pollini, A., Callari, T. C., Tedeschi, A., Ruscio, D., Save, L., Chiarugi, F., and Guerri, D. (2022). Leveraging human factors in cybersecurity: An integrated methodological approach. Cognition, Technology and Work, 24(3), 371-390. https://doi.org/10.1007/s10111-021-00683-y
Saeed, S., Altamimi, S. A., Alkayyal, N. A., Alshehri, E., and Alabbad, D. A. (2023b). Digital transformation and cybersecurity challenges for businesses resilience: Issues and recommendations. Sensors, 23(15), 6666. https://doi.org/10.3390/s23156666
Saeed, S., Suayyid, S. A., Al-Ghamdi, M. S., Al-Muhaisen, H., and Almuhaideb, A. M. (2023a). A systematic literature review on cyber threat intelligence for organizational cybersecurity resilience. Sensors, 23(16), 7273. https://doi.org/10.3390/s23167273
Sherwood, J., Clark, A., and Lynas, D. (2005). Enterprise security architecture: A business-driven approach. CRC Press.
Zhang, Y., Zhang, C., and Xu, Y. (2021). Effect of data privacy and security investment on the value of big data firms. Decision Support Systems, 146. https://doi.org/10.1016/j.dss.2021.113543
