OpenGov had the privilege to learn in-depth about the EGA through Dr. Sak Segkhoonthod in this two part interview series. In Part I, we learn about the origins, strategies and developments of the EGA. In Part II of the interview below, we look at the role of EGA in the Smart Thailand initiative as well as the challenges ahead for the EGA.
When dealing with government agencies, IT security is obviously a critical component. What IT security measures are there in place at EGA?
It is recognised that IT security is a very important factor to build trust and confidence in digital government. If IT security is often compromised, the whole-of-government digital transformation could possibly fail. The EGA as the central agency for digital government transformation in Thailand attaches enormous significance to issues related to IT security and we implement numerous measures to ensure our own IT security and the security of our services to meet internationally-recognised standards.
First and foremost, it is our policy and strong determination to seek recognition for our IT security measures from renowned international organisations. The EGA has already achieved the ISO/IEC 27001: 2013 and CSA Security, Trust & Assurance Registry (STAR) certifications of one of our main services, Government Cloud, which is a result of our sustained efforts to make one of our core services secure for other government agencies to utilise.
We are still planning to seek ISO/IEC 20000: 2011 certification which assesses the service management system of some of our core services such as Government Software as a Service (G-SaaS) and our Government Cloud. Moreover, we are also planning to seek ISO 22301: 2012 certification which assess our business continuity management of our core services. Our ultimate aim is only about enhancing our IT security but also elevating the quality of our operations and services in general.
For other government agencies, we do the vulnerability assessment for other government agencies which utilise our Government Cloud. When we find any vulnerabilities, we report them to our customers and provide solutions for them to tackle the vulnerabilities effectively.
Lastly, at the EGA, we have the Government Computer Emergency and Readiness Team (G-CERT), which monitors risks, threats and incidents and help our customers to respond to them as effectively as possible. Another significant mission of G-CERT is to provide training for government personnel on IT security.
What are your views on balancing existing legacy infrastructure versus implementing new technology?
We are quite open to new technologies as we are studying how we can make use of Open-Source software such as Open Stack and Blockchain. However, we need to keep in mind that digital technologies change rapidly, so it is impossible for us to adopt every new technology. In reality, there are many factors which we need to consider carefully to find the right balance between new technologies and existing legacy infrastructure.
The first factor is about laws and regulations. We have to consider whether they allow us to move to new technologies or not. Sometimes we need to amend them to fit the digital era. The problem is the way to change laws and regulations are not as fast as how technologies change as the amendment processes are complicated and involve a large number of stakeholders.
The second factor is budget. Most people and agencies always wish to use the most updated technologies and equipment. However, we have to recognise that we need to spend taxpayers’ money as cost-effectively as possible. In many cases, if existing infrastructure still works properly, we may not need to change it.
The third factor which we need to consider is the benefits of new technologies. If they can serve our purposes better, for example, they can enable new digital services with lower costs, are highly scalable or are exposed to less security risks, it may be worth considering investment in new technology.
The fourth factor is about interoperability and migration. It would be useless if we acquire the most modern and magnificent technology on earth, but it cannot work with our existing infrastructure at all or we cannot migrate our systems and data to the new technology smoothly.
The last factor is the sustainability and appropriateness of new technologies. Some advanced technologies emerge only as fashions which come and go quite quickly and can be replaced by something else. Moreover, they may not be appropriate for our culture and mindset.
As I mentioned earlier, we are quite open to new technologies, but we need to take the five factors into account when we need to choose between new technologies and existing infrastructure.
Could you tell us more about some of the projects under the Smart Thailand initiative?
To begin with, you need to understand that the Smart Thailand initiative was part of the Thailand Information and Communication Technology Policy Framework (2011-2020) or commonly known as ICT 2020. The framework is replaced by the Digital Economy and Society Development Plan which was approved by the Royal Thai Government on 5 April 2016. The plan outlines six strategies to create “Digital Thailand” which will help Thailand to escape the middle income trap and to uplift the quality of life of Thai people. The six strategies include: (1) to build country-wide high- capacity digital infrastructure; (2) to boost the economy with digital technology; (3) to create a quality and equitable society through digital technology; (4) to transform into digital government; (5) to develop workforce for the digital era; and (6) to build trust and confidence in the use of digital technology. The Electronic Government Agency (Public Organization) is responsible for the fourth strategy of the plan.
However, I should tell you that even though the Smart Thailand initiative was already replaced by something else, its spirit still exists. Becoming only a digital government is not enough in the digital era, the government needs to be smart as well. In reality, there are still many Smart Thailand projects run by different government agencies. I want to mention some projects for which we are responsible. In order to be smart, first of all, we must be able to utilise appropriate digital technologies to transform our government’s operations to serve our people better and more efficiently. Secure and reliable digital infrastructure which the EGA has been providing is a critical first step for a smart government.
Another critical project is to expand “Smart Services”, so government agencies will require no more copies of government documents from Thai people. We are working closely with the Ministry of Agriculture and Cooperatives, the Ministry of Interior and the Ministry of Tourism and Sports to transform some of their services to be smart, so Thai people can use only their ID cards when they request services from these agencies.
Not only does the government need to be smart, in the digital era, the government should play an important role to make the entire society smart. We work together with other government agencies to open the primary data they own in a format which can be processed by electronic machines easily on the portal website, www.data.go.th. We hope that the private sector or any citizens will be able to optimise the data to create more innovative products or services for our country.
What are some of the challenges you face in your current role?
There are four major challenges when we wish to implement digital government transformation in Thailand. First of all, the EGA was set up in 2011 as the central government agency responsible for this policy. However, we cannot work on our own and we need close cooperation from all government agencies. We need to convince them which needs strong relationships between myself and heads of other government agencies. Seeking cooperation may somehow slow down the progress of digital government transformation, however, every cloud has a silver lining. If we can convince them, they are willing to work with us wholeheartedly which is highly beneficial for both parties. It may be better than only exercising authority to force them.
Another challenge is about laws and regulations. When we think about a connected government and data integration, our concern is whether there are any laws and regulations which prohibit the connection and integration or not. I think it is a common problem for the bureaucracy everywhere which needs flexibility and agility. We have to work together to overcome this challenge if we want to create a digital government for the benefits of our people.
Rapid changes in digital technologies could also be a challenge. However, as an organisation responsible for digital government transformation in Thailand, it is our responsibility to monitor and study the effects of the changes carefully in order to find the best solution to deal with them.
The most significant challenge is culture and the ways government officials work. Even though it is difficult to change, we have to do it if we want the digital government transformation to be successful. The EGA sets up the Thailand Digital Government Academy (TDGA) which was inaugurated by the Prime Minister on 29 July 2016. The main objective is to equip government officials at every level with essential digital skills and mindsets.
Read the first part of the interview here.