While to many the world of cybersecurity may appear a baffling, convoluted world bristling with acronyms and jargon, the essentials require limited technological proficiency and provide certain guarantees against cyberattacks.
The Cyber Security Asia 2019 conference kicks off in Phnom Penh on Nov 4 where a range of international experts from across Asia and the Pacific will gather to address the latest issues presented in the field of cybersecurity. Cyber Security Asia notes that 60 percent of digital business will suffer major service failure by 2020 and that 90 percent of companies in Asia and the Pacific have been hit by some form of cyberattack.
Clearly for Cambodia, where some 99.8 percent of businesses are small-medium enterprises (SMEs) with limited capital to invest in cybersecurity solutions, the growing number of businesses whose work involves some level of dependence on the internet raises the Kingdom’s exposure to attack.
Southeast Asia has of late become something of a hub for cybercriminals, while Kaspersky Labs – a multinational cybersecurity and anti-software company – last year detected 4,590,076 web threats in Cambodia, this paled in comparison to neighbouring countries like Vietnam, where 110,004,727 online cyberattacks were detected and Thailand, which suffered 30,203,943.
The threat is rising and forever growing more complex, but the solutions can be quite simple says Shamane Tan, executive advisor at Privasec, an international cybersecurity consultancy firm based in Australia.
“Get the basics right first. This is not a complicated answer,” she says when asked how companies can best prepare for cyberattacks, “With digital transformation, and the speed at which IT has been evolving, it can be easy for chief information security officers (CISOs) to lose sight of the fundamentals.”
For companies unable to update their cybersecurity measures, Ms Tan suggests minimising the risk. This could be as simple as password protection on sensitive information or ensuring that backups of critical data are securely stored.
“Don’t just go after the shiny tools,” she says, “If you don’t have a solid foundation, your house is going to collapse. After that, then you put in all the infrared motion and heat sensors.”
Across Cambodia the understanding of cybercrime as a problem for tech-focused people or ICT departments is potentially exposing companies to greater threats.
“An incident is unavoidable,” Ms Tan warns, “Attack vectors are also constantly changing, so instead of focusing solely on detection, focus on managing the ‘three Rs’: risk, response and resilience.”
She says all businesses should be adapting to the way the world is changing, “Have a playbook of your business continuity plan. We should all be changing our language; security is no longer an IT problem. It is a business risk.”