From the view of the information and internet security, it is very important to have incident response infrastructure operated by CSIRT. CSIRT is based on very old operational model of a unit who is in charge of proper handling of computer security incidents. However, in these days, CSIRT is a place where we can coordinate and communicate related entities involved to security incidents. This activity was historically started by CERT/CC in CMU, US. Establishment of CSIRT in other countries has been expanded to the other places in Europe, AP region and now covering to emerging region such as Africa or South Americas. Since mid 1990's, many countries have been making their own CSIRT with national responsibility. For example in AP region, JPCERT/CC was established in 1996, KrCERT/CC in 1996, and SingCERT in 1997. Since then, various countries have their CSIRT for national responsibility, including China, Mongolia, Philippine, Chinese Taipei, Hong Kong SAR, Macau SAR, Indonesia, Malaysia, India, Sri Lanka, Pakistan, Brunei, and some more countries.
I have a big concern on the GMS. Our supply chain network is now spanning to various locations and businesses in this GMS, but some governments in this GMS do not commit to the practical cyber security policy deployment. Three countries in the GMS, Myanmar,Thailand and Vietnam, have their own CSIRT organizations, and they are FIRST and/or APCERT members. This is a good news. However, Lao and Cambodia may be problematic.
- Lao is willing to create its own CSIRT and ThaiCERT has been working for this with Lao people. JICA used to provide lectures and helps for them to set up their own CSIRT. However, their steps are very SLOW. ThaiCERT is working very hard, but still there is no CSIRT. (as of June 2013) I believe this is not by ThaiCERT but by Lao themselves. Base on my experiences through JICA efforts several years ago, it was very tough for them to define themselves a group for national responsibility. However, with several progress with huge help by ThaiCERT, now they can politically define themselves a group for being national CSIRT, so I'm expecting more acceleration on the process in the coming months.
- Cambodia seems that they don't have any plan to setup its cyber security policy. No operational CSIRT exists inside, but its Foreign Direct Investment (FDI) is getting higher and higher in these years. Even in this country, various global supply chain make their "touch down" to this country to combine their businesses to the other firms in other countries. Hence, it's very obvious for them to implement practical security measures and setup some entity which can be an information exchange inside Cambodia and with the other countries. But, nothing happens so far. Based on private conversations with government officials, unfortunately, Thailand government has some certain level of difficulties on communicate with them, and they feel that it's bit tough for Thailand to help them because of border dispute. Thus, our remaining hope is Chine which made huge FDI to Cambodia, but I don't know if Chine is worthwhile for Cambodia for helping them on development of Cambodia's cyber security policies.
DISCLAIMER: This memorandum is my personal opinion. There is no link to the other persons, organizations and governments.
