Date of analysis: 02/09/2024

Cambodia DMARC & MTA-STS Adoption Report 2024

According to the Ministry of Posts and Telecommunications, cyber attacks in Cambodia increased by 28% last year. This concerning increase can be attributed to several factors, among which:

  • Growing adoption of cloud computing and Internet of Things (IoT) devices across different organizations and industries 
  • Rapid increase in the number of sophisticated threats (e.g. ransomware and phishing scams) that have put businesses at increased risk
  • lack of professionals in the field

Over 60% of Cambodian companies are expected to migrate to cloud-based solutions by 2024, potentially leading to an even higher increase in demand for cloud security specialists of up to 25%. However, Cambodia does not have enough professionals in the field of cyber security to meet the demand in the job market. According to Joseph Smith from AUPP, Cambodia is suffering from a huge shortage of skilled cybersecurity experts. As sectors such as banking, healthcare, and e-commerce are becoming increasingly more vulnerable to cyber attacks, the shortage of skilled personnel might imply a very dangerous situation for different public and private organizations in different sectors in Cambodia.

This report will delve into the current state of email security protocols across various sectors in Cambodia (e.g. healthcare, business, education, telecommunications, etc.), providing insights into the country’s cybersecurity landscape and identifying areas for improvement.

Download PDF Book a Demo

Assessing the Threat Landscape

In our Cambodia DMARC and Email Authentication Adoption Report for 2024, we will address the following major concerns:

  • How widespread is the adoption of MTA-STS?

  • What percentage of domains have DNSSEC enabled?

  • What steps can Cambodia take to enhance email security and prevent impersonation attempts?

  • Which industries are most at risk of falling victim to phishing attacks?

  • What strategies can organizations employ to defend against email-based threats?

Sectors Analyzed 

Overall, over 490 domains have been analyzed across 7 sectors in Cambodia:

  • Healthcare

  • Banking

  • Goverment

  • Telecommunication

  • Transport

  • Education

  • Miscellaneous – Businesses

What Do the Numbers Say?

Cambodia SPF Adoption Analysis

Cambodia DMARC Adoption Analysis

Cambodia MTA-STS Adoption Analysis

Cambodia DNSSEC Adoption Analysis

Sector-wise Analysis of Domains in Cambodia

Healthcare Sector

SPF Adoption Analysis

BIMI Logo

DMARC Adoption Analysis

BIMI Logo

MTA-STS Adoption Analysis

BIMI Logo

DNSSEC Adoption Analysis

BIMI Logo

Banking Sector

SPF Adoption Analysis

BIMI Logo

DMARC Adoption Analysis

BIMI Logo

MTA-STS Adoption Analysis

BIMI Logo

DNSSEC Adoption Analysis

BIMI Logo

Government Sector

SPF Adoption Analysis

BIMI Logo

DMARC Adoption Analysis

BIMI Logo

MTA-STS Adoption Analysis

BIMI Logo

DNSSEC Adoption Analysis

BIMI Logo

Telecommunication Sector

SPF Adoption Analysis

BIMI Logo

DMARC Adoption Analysis

BIMI Logo

MTA-STS Adoption Analysis

BIMI Logo

DNSSEC Adoption Analysis

BIMI Logo

Transport Sector

SPF Adoption Analysis

BIMI Logo

DMARC Adoption Analysis

BIMI Logo

MTA-STS Adoption Analysis

BIMI Logo

DNSSEC Adoption Analysis

BIMI Logo

Miscellaneous – Businesses

SPF Adoption Analysis

BIMI Logo

DMARC Adoption Analysis

BIMI Logo

MTA-STS Adoption Analysis

BIMI Logo

DNSSEC Adoption Analysis

BIMI Logo

Education Sector

SPF Adoption Analysis

BIMI Logo

DMARC Adoption Analysis

BIMI Logo

MTA-STS Adoption Analysis

BIMI Logo

DNSSEC Adoption Analysis

BIMI Logo

Comparative Analysis Among Different Sectors

Comparative Analysis of SPF Adoption among Different Sectors in Cambodia

BIMI Logo

Comparative Analysis of DMARC Adoption among Different Sectors in Cambodia

BIMI Logo

Comparative Analysis of MTA-STS Adoption among Different Sectors in Cambodia

BIMI Logo

Comparative Analysis of DNSSEC Adoption among Different Sectors in Cambodia

DMARC & MTA-STS Adoption Rates: Key Statistics

  • 40.5% of Cambodian governmental entities in Cambodia do not have a DMARC record, putting governmental communications at high risk of spoofing attacks.

  • 22.2% of Cambodian organizations in the Healthcare sector do not have an SPF record, while 11.1% of entities in the same sector have incorrectly implemented SPF.

  • Only 39% of domains in Cambodia have DMARC correctly configured, while over 61% have no DMARC record.

  • 100% of Telecommunication domains in Cambodia have DNSSEC disabled.

  • No healthcare, business, education, banking, government, or telecommunications domains in Cambodia have MTA-STS enabled.

  • 74% of Cambodian domains have SPF setup correctly, which is relatively higher compared to many other countries in Southeast Asia.

Critical Errors Organizations in Cambodia Are Making

From the above analysis, we have identified some errors that organizations in Cambodia are making regarding the adoption of email authentication protocols.

  • DNSSEC is completely disabled for the stark majority of domains in all the sectors. As a result, many public and private entities may be highly vulnerable to DNS-based attacks.

  • MTA-STS is not enabled for domains in the majority of the sectors, except transport. Even in the transport sector, MTA-STS configuration is extremely low.

  • The government sector is experiencing a higher rate of DMARC implementation challenges compared to other sectors.

  • Most entities across various sectors in Cambodia do not have a DMARC record.

  • The telecommunication sector has a relatively higher adoption of permissive DMARC policies (i.e. p=none) compared to other sectors.

How Can Organizations in Cambodia Improve Email Security & Deliverability?

If you’re looking for ways to improve email security and deliverability in Cambodia, consider the following:

  • Ensure you’re protected against DNS-based attacks by enabling DNSSEC.

  • Use automated tools for error-free SPF, DMARC, and MTA-STS record generation to avoid any syntax-related errors when implementing different policies and protocols.

  • Enable MTA-STS for all sectors in Cambodia, including healthcare, education, government, etc.

  • Replace p=none permissive policies with stricter p=reject DMARC policies across different sectors and in the telecommunication, education, business, and healthcare sectors in particular.

  • Ensure correct DMARC adoption for the government sector in particular.

  • Provide an accurate and comprehensive DMARC record for all sectors.

  • Invest in training future IT professionals to reduce the shortage of cybersecurity specialists in Cambodia.

How Can PowerDMARC Help?

If you need support addressing any of the challenges addressed above, feel free to reach out to us at [email protected] to get the necessary assistance. Your query doesn’t have to be related to Cambodia. At PowerDMARC, we provide customized solutions revolving around a wide range of internet protocols, including DMARC, SPF, DKIM, MTA-STS, TLS-RPT, and BIMI for businesses operating in different parts of the world and a variety of sectors. This means we can help you in a variety of ways, from configuration to detailed and consistent DMARC reporting.

secure email powerdmarcReady to prevent brand abuse, scams and gain full insight on your email channel?

Start 15-day trial Book a demo