None of the Technology is 100% Safe and Secure

Suman Thapaliya
Cyber Security Specialist, IT Security Expert in Nepal.

Suman Thapaliya is Cyber Security Specialist, IT Security expert, Lead Auditor, Cyber Security Speaker. He is Ph.D. Scholars from Lincoln University College, Malaysia. He is Msc.IT and MBA Graduate by education qualification. He is the First Academic Certified Ethical Hacker Instructor in Nepal, Certified Information Systems Auditor (CISA), ISO 27001:2013 Certified Lead Auditor, Academic Cisco Instructor, Mentor at Cybrary.it and Instructor at Udemy, Secretary at (CSRI) Center for Cyber Security and Research Innovation Nepal. IT auditor at Ds Accountant and Advisors. He has been working and contributing to Cyber Security and IT Security for 5 years. Currently, He is Head of IT Department at Texas International Educational Network and Head of IT Department at Ds Accountant and Advisors. Here we present the edited version of IT talk with Mr. Thapaliya :

What are the Courses that Texas College is providing ?

Texas College is offering various IT and Management courses like BBA, MBA, BBS, BA, BSW, MBS, BCA, BSC.Csit, BCS (Cyber Security and Network Technology), BIT, and other programs taking from Montessori to Masters.

Do you see any possibility of IT services in Nepal ?

Nepal is very rich in IT, here we can see a lot of opportunities, as Nepalese IT Market is less expensive in comparison to other countries. Also we are hardworking and sharp minded. So in today’s context Nepal is the best and beautiful place to start IT Services but this does not mean that there are no challenges. We also should pass through a lot of Governmental, Social and Industrial Challenges.

Do you run any IT Services in Nepal ?

Yes, we do run Ds Accountant and Advisors as IT Services in Nepal and in Australia.

How easy is it to establish and sustain IT Audit Firm in Nepal ?

It is easy to establish but very hard to sustain IT Firms in Nepal. As it is not in our practice to have an IT Audit. Recently Nepal Government has regulated some news but it is not again easy to convenience the general audience regarding the Audit Process. Still, we think that this is a huge investment for some unproductive tasks. But the fact is this is only one treatment to make assure that the infrastructure meets the compliance of security. IT audit helps to know the vulnerability, loopholes. Technically speaking IT ensures the CIA of data and IT Audits cover a wide range of IT processing and communication infrastructure which includes Web Services, Software Applications, Security Systems, OS, and Client-Server Network and Systems are free of errors with your IT system, leaving you vulnerable for an attack. IT Audit reduces IT related risks, improves data security, and enhances IT Governance. We suggest and request all IT Companies to have one level of IT Audit.

What are the challenges to start and run such types of Security firm in Nepal ?

Well Ds Accountant and Advisors in currently running in Australia and in Nepal. This Firm provides a lot of solution related to Account and IT few names to mention:

Management:
1. Bookkeeping Services
2. Taxation Services
3. Payroll Management Services
4. Business Services
5. Loan Management Services

IT Audit:
1. Technological Position Audit
2. Systems and Applications Audit
3. Information Processing Audit
4. Management of IT and Enterprise Architecture Audit
5. External Audit
6. Forensic Audit
7. IT Audit
8. Compliance Audit
9. Integrated Audit
10. Special Audit and much more

Simply saying in each and every step there is a challenge, risk, and entertainment. You take your motorbike to the road now you are full of under challenges, you hit someone, someone hit you, you slip, break fail, and so on. The same thing is applied for Technology also. And we become an expert we enjoy every single challenge and till date, we have successfully made our client happy and satisfied. In Australia, everything goes with system so there is less chance of getting customer dissatisfaction as everything is mentioned in SRS and no changes are demanded later on after deal whereas complete professionalism is not expected in Nepalese context.

Do you have a long vision of IT Business continuity in Nepal ?

Yes, I can see a long term vision. Now my long lasting service will be dedicated in IT Audit Firm.

How often do you use/ engage in social media ?

This is my favorite question and my favorite answer is I love to hang out in social media. I am active on Facebook, Instagram, Viber, Linkedin, Twitter, Smule, Tiktok, and so on.

How secure do you feel using such Social Media ?

They are safe until you provide your personal keys to someone else. Use two-way authentication, do not click on the spam, enable security features, take good control of privacy and security, accept friend request wisely, you are safe. If your lock system is unique and confidential then you are safe.

So Social Media is safe to use and there is no risk in using it ?

I don’t mean to say that. None of the Technology is 100% Safe and secure. We can prevent it at the highest point. There are a lot of cases in which we are listening to everyday about the fraud happening around. But if you are aware and can maintain basic security concerns then yes you are safe to use. For example, you can refer to the above statements.

What is the best solution to get rid of these issues ?

One and only simple solution is general public awareness. Each and every user should be aware of these incidents, basic guidelines of the cybersecurity act of Nepal should be making aware to the general public. The government should come up with some heavy penalties in such cases, the special and trained bureau should be formed to trace and punish such activities. On top of these, all first and foremost thing is single user should be updated and aware.

What is the status of ICT in future to upcoming students ?

Nepal is a small market but is full of heavy challenges. Nepal is growing and expanding its network. So I can see the status of ICT in Nepal is broad. The newcomer students in Cyber Security you are full of loaded package. Get certified with CEH, ISO, CISA, CISSP, Penetration testing, forensic testing you have a handful of jobs in Nepal as well in Global market .

What is your participation in the IT policy of Nepal ?

I am one of the active members, I show my interest and take participate in each and every event happening in this topic. As being an active member of npCert Nepal I am highly updated with this IT policy of Nepal. I was an active member during the event of IT Bill Act 2018. Also, I am one of the active members of the Global Cyber Security Summit that happened in 2018. We take the base of ETA and act accordingly.

Lastly any messages via this forum ?

Thank you so much for your wonderful time provided to me. I guess that I tried to cover a lot of importance of IT Audit in IT Services in Nepal Via this interview. Be aware and use technology wisely this will give you pleasure else Technology is armed forced which can destroy a lot. Stay Safe, Stay Home.