June 14, 2020, Kathmandu
Interview with Suman Thapaliya (Cyber Security Specialist, IT Security expert, Lead Auditor, Cyber Security Speaker and Secretary at Center For Cyber Security Research and Innovation)
We want to know about yourself
I am Suman Thapaliya. I am a Ph.D. Scholars from Lincoln University College, Malaysia. I have done Msc.IT and MBA. I am the First Academic Certified Ethical Hacker Instructor in Nepal, Certified Information Systems Auditor (CISA), ISO 27001:2013 Certified Lead Auditor, Academic Cisco Instructor, Mentor at Cybrary.it and Instructor at Udemy, Secretary at (CSRI) Center for Cyber Security and Research Innovation Nepal. IT auditor at Ds Accountant and Advisors.
I have been working and contributing to Cyber Security and IT Security for 5 years.
Currently, I am Head of the IT Department at Texas International Educational Network and Head of IT Department at Ds Accountant and Advisors.
What are the IT Courses that Texas College is providing?
Texas College is offering various IT and Management courses like BBA, MBA, BBS, BA, BSW, MBS, BCA, BSC. Csit, BCS (Cyber Security and Network Technology), BIT, and other programs taking from Montessori to Masters.
Do you run any IT Services in Nepal?
Yes, we do run Ds Accountant and Advisors as IT Services in Nepal and in Australia.
How easy is it to establish and sustain IT Audit Firm in Nepal?
It is easy to establish but very hard to sustain IT Firms in Nepal. As it is not in our practice to have an IT Audit. Recently Nepal Government has regulated some news but it is not again easy to convenience the general audience regarding the Audit Process. Still, we think that this is a huge investment for some unproductive tasks. But the fact is this is only one treatment to make assure that the infrastructure meets the compliance of security. IT audit helps to know the vulnerability, loopholes. Technically speaking IT ensures the CIA of data and IT Audits cover a wide range of IT processing and communication infrastructure which includes Web Services, Software Applications, Security Systems, OS, and Client-Server Network and Systems are free of errors with your IT system, leaving you vulnerable for an attack. IT Audit reduces risks related to IT, improves data security, and enhances IT Governance. We suggest and request all IT Companies to have one level of IT Audit.
What are the challenges to start and run such types of Security firm in Nepal?
Well, Ds Accountant and Advisors in currently running in Australia and in Nepal. This Firm provides a lot of solution related to Account and IT few name to mention:
- Bookkeeping Services
- Taxation Services
- Payroll Management Services
- Business Services
- Loan Management Services
- Technological Position Audit
- Systems and Applications Audit
- Information Processing Audit
- Management of IT and Enterprise Architecture Audit
- External Audit
- Forensic Audit
- IT Audit
- Compliance Audit
- Integrated Audit
- Special Audit and much more
Simply saying in each and every step there is a challenge, risk, and entertainment. You take your motorbike to the road now you are full of challenges, you hit someone, someone hit you, you slip, break fail, and so on. The same goes for Technology also. And we become an expert we enjoy every single challenge and till date, we have successfully made our client happy and satisfied. In Australia, everything goes with the system so there is less chance of getting customer dissatisfaction as everything is mentioned in SRS and no changes are demanded later whereas complete professionalism is not expected in the context of Nepal.
How often do you use/ engage in Social Media?
This is my favorite question and my favorite answer is I love to hang out in Social Media. I am active on Facebook, Instagram, Viber, Linkedin, Twitter, Smule, Tiktok, and so on.
How secure do you feel using such Social Media?
They are safe until you provide your personal keys to someone else. Use two-way authentication, do not click on the spam, enable security features, take good control of privacy and security, accept friend request wisely, you are safe. If your lock system is unique and confidential then you are safe.
So Social Media is safe to use and there is no risk in using it?
I don’t mean to say that. No, any Technology is 100% Safe and secure. We can prevent it at the highest point. There are a lot of cases in which we are listening to every day about the fraud happening around. But if your aware and can maintain basic security concerns then yes you are safe to use. For example, you can refer to the above statements.
What is the best solution to get rid of these issues?
One and only one simple solution is general public awareness. Each and every user should be aware of these incidents, basic guidelines of the cybersecurity act of Nepal should be aware to the general public. The government should come up with some heavy penalties in such cases, the special and trained bureau should be formed to trace and punish such activities. On top of these, all first and foremost thing is single user should be updated and aware.
What is the status of ICT in Nepal?
Nepal is a small market but is full of heavy challenges. Nepal is growing and expanding its network. So I can see the status of ICT in Nepal is broad and horizon. The newcomer students in Cyber Security you are full of loaded package. Get certified with CEH, Penetration testing, forensic testing you have a handful of jobs in Nepal as well in Globe.
What is your participation in the IT policy of Nepal?
I am one of the active members, I show my interest and take participate in each and every event happening in this topic. As being an active member of npCert Nepal I am highly updated with this IT policy of Nepal. I was an active member during the event of the IT Bill Act 2018. Also, I am one of the active members of the Global Cyber Security Summit that happened in 2018. We take the base of ETA and act accordingly.
Lastly any messages via this forum?
Thank you so much for your wonderful time provided to me. Via this interview, I guess that I tried to cover a lot of importance of IT Audit in IT Services in Nepal. Be aware and use technology wisely this will give you pleasure else Technology is armed forced which can destroy a lot.