Cambodia has leapfrogged into digitalisation while also making waves as one of the fastest growing nations for internet users in the region.
For the latest Cambodian Business news, visit Khmer Times Business
However, with this rapid growth also comes risks, exposing companies, both local and international businesses in the country to cyber threats. Issues such as the lack of cybersecurity professionals are a plague with many nations unable to or unaware of methods to defend their companies from hackers wanting to obtain confidential information. Taking place at Rosewood Hotel in the capital, the two-day Cyber Security Asia 2019 conference, organised by Thomvell International, drew a crowd of more than 200 participants, government authorities, local information technology companies as well as potential international investors.
The conference saw household names such as Thomas Hundt, chief executive officer of Smart Axiata as well as the Iinformation, Communication and Technologies Security Director, Phannarith Ou from the Ministry of Posts and Telecommunications of Cambodia attend to share their thoughts on the current cybersecurity landscape in the Kingdom.
Matters such as the urgent need for better cybersecurity in all sectors as well as coming up with strategies and policies for a better cybersecurity framework were explored. Hundt who gave the opening keynote address on the first day stressed the need for constant vigilance.
One of the key speakers representing Cybersecurity Malaysia, Haji Amiruddin Abdul Wahab, presented on what it takes to build a successful cyber programme in this day and age.
“There can’t be just one layer of security; it has to be multi-layered,” said Amiruddin, urging companies to take on a more holistic approach when it comes to facing cyber threats because they are getting smarter as well. Highlighting the importance of cybersecurity measures, Principle Research Scientist, Robert Kooij from the Singapore University of Technology Design said policies and strategies should be looked into very carefully and in detail.
“Along with these strategies comes vulnerability and impacts and it is something authorities in every sector should seriously take into account,” said Kooij.
On the matter of policies, legislation pertaining to the sector are currently under way in the Kingdom. Sharing his thoughts during a panel discussion, Ou stated that there have been active internal discussions with representatives from sectors such as telecoms and energy to prepare players for it as well as alert them on how critical cybersecurity measures are.
One of the panellists in the conference, Computing and Security Associate Dean of Australia’s Edith Cowan University Paul Haskell-Dowland, said education holds the key when it comes to addressing the dangers of sharing information online.
“You can’t just tell people to avoid technology. The warnings that parents are giving their children now are no different from the ‘stranger-danger’ lessons they were given as children. It’s just the medium – the platform that has changed,” he adds.
Trust Global Service, senior consultant, Ignatius Low highlights that there is a need to educate the public about all the loopholes and gaps that come with cybersecurity measures that are applied in the systems.
“The lack of exposure and education among IT managers, directors and technicians in the country could affect company reputations and you have to understand the fundamentals of what a security breach does to the reputation of a company,” said Low, referring to the serious lack of understanding in the sector.
“There is also a need for companies to cater budgets to priority areas,” he added.
Cybersecurity Malaysia Chief Executive Officer Haji Amiruddin Abdul Wahab voiced a similar concern that security often becomes an afterthought for companies so long as everything seems to be working fine.
“It is important for companies focusing on digital transformation to embed security measures early on,” he urged.
Low also stated that while all these measures are important, companies would have to start from the basic root of compliance.
“Unless companies are aware of compliance, they would not be able to develop policies on security, network usage as well as email usage,” Low said. He stressed that various industries need to be aware of compliance, especially the public service sector.
Cybersecurity Malaysia’s Amirudin, who played a key role in the conference in sharing his experience as well as the company’s 23-year experience to attending participants, expressed his interest in helping the Royal Government to further progress the country’s digital defence. “Both countries are used to working on a multilateral basis for Asean and Asia-Pacific cybersecurity platforms – and I would like to explore more specific areas on a bilateral platform,” he said, hoping to meet his Cambodian counterpart so they can explore bilateral opportunities to strengthen areas of capacity building.
In line with the company’s’ mission to improve the capabilities of neighbouring countries, Amirudin pointed that no country in the region is completely safe when fellow neighbours are vulnerable to cyber attacks.
Malaysia’s Deputy Minister for Communications and Multimedia Eddin Syazlee Shith in his trip earlier this year said that Malaysia is ready to share working models on human resource development to foster talented people and collaborate on capacity building in the cybersecurity sector. Amirudin has expressed for a bilateral agreement between Cybersecurity Malaysia and to strengthen legislation and policies as well as fast-track Cambodia’s progress in cybersecurity.
The conference also opened up opportunities for companies to partner with other entities in the sector, which saw Trust Global Service become the local partner for Cybersecurity Malaysia to deliver cybersecurity measures to Malaysian companies arriving in the Kingdom. “2019 was a year of discovery for most customers. There was more curiosity and exploration,” said Low as he noticed the awareness levels among his customers has risen. With the push for digitisation happening in every sector, companies are more exposed to threats that could leave them crippled operationally.