Cybersecurity ‘no longer just for IT tech folk’, experts warn


Cambodian businesses are increasingly reliant on the internet as the Kingdom continues to adopt emerging technologies in the bid to gain a competitive edge as a young, digitally savvy nation. Earlier this year, the Ministry of Posts and Telecommunications released a report showing that there were now 13.4 million mobile internet users across the country, with Cambodia becoming more connected than ever.

A person delivers a computer payload while working on a laptop in Lille, France, during the 11th International Cybersecurity Forum. AFP

The growing demand for tech-based skills is apparent across a range of sectors in Cambodian industry, but for Paul Craig, head of offensive security at Singaporean cybersecurity firm, Vantage Point, more needs to be done to ingrain the idea of cybersecurity into employees across the board.

“People. It all starts with people,” says Mr Craig, who will be a guest speaker at the Cyber Security Asia 2019 conference taking place in Phnom Penh this November, “Cybersecurity needs to be an attitude that is baked into all aspects of a business and the core of the business needs to embrace security.”

This comes after IMB’s X-Force Threat Intelligence Index highlights human error as a common thread between successful cyberattacks and data breaches.

“Misconfigured cloud servers that include publicly accessible cloud storage, unsecured cloud databases, and improperly secured rsync backups, or open internet connected network area storage devices contributed to the exposure of more than 990 million records in 2018,” the report states, adding that this represents 43 percent of the more than 2.7 billion compromised records tracked by X-Force research for the year.

It also stated that misconfiguration, due to either a lack of training or awareness, is now the single biggest threat to the security of cloud-based technology – technology that Cambodia is keen to adopt, according to Heng Sokkung of the Ministry of Industry and Handicraft when he spoke at the Cambodia International Machinery Industry Fair last month.

“Security is no longer just for IT tech folk – an entire organisation and its staff, have become the available attack surface,” warns Mr Craig.

“Staff within an organisation are very often the weakest link and if an attacker is unable to compromise the technology the people are often a much easier target,” he says.

Evidently however, the Royal Government of Cambodia is seeking to address this. Chun Vat, the Director General of the Ministry of Posts and Telecommunications, last month hosted a seminar on Measuring Security Levels ICT for Small and Medium Enterprises. In attendance were some 1500 members of the government, the banking and finance sector and numerous small-medium enterprises, with the aim of learning to meet the challenges of changing technologies.

This article was originally published in the Khmer Times.


Please enter your comment!
Please enter your name here