Exploring information security practices in Thailand using ISM-Benchmark

In recent years, information security has become a vital focus in most organizations around the world. However, the majority of the studies on information security have been widely done to highlight successful cases in developed countries, but very few in developing countries. This paper aims to explore information security practices in the context of a developing country, Thailand. The study uses ISM-Benchmark developed by Information-technology Promotion Agency of Japan (IPA) to investigate and compare information security levels of the Thai organization with the Japanese ideal scores. In the study, the survey samples are ranged from SME to large companies. The results demonstrate the levels of information security practices and identify the problems in the information security. The study also shows the need for benchmarking information security of any organization with the best practice of the developed country.