STAP Journal of Security Risk Management

ISSN: 3080-9444 (Online)

Cybersecurity Risks and Challenges in Smart Cities: A Review with Insights for Cambodia

by 

Mony Ho ;

Sokroeurn Ang ;

Sopheaktra Huy ;

Midhunchakkaravarthy Janarthanan

PDF logoPDF

Published: 2026

Abstract

Smart Cities depend on interconnected digital systems, IoT devices, cloud platforms, and continuous data exchange to deliver efficient and innovative public services. However, this high level of integration increases exposure to cybersecurity risks that can disrupt essential operations and compromise citizen privacy. This review examines major cybersecurity threats affecting Smart City infrastructures, including IoT weaknesses, data exposure, DDoS attacks, surveillance system intrusion, and cloud security issues. It then analyzes Cambodia’s specific challenges such as limited legal frameworks, fragmented governance, unstable infrastructure, shortages of cybersecurity skills, and financial constraints. Global frameworks including the NIST Cybersecurity Framework, Zero Trust Architecture, IoT security models, and Smart City security architectures are reviewed to identify best practices. A gap analysis highlights significant differences between international standards and Cambodia’s current readiness. Finally, the study proposes strategic recommendations to strengthen national policies, enhance technical and human capability, and improve infrastructure resilience. The findings provide valuable guidance for policymakers and stakeholders seeking to advance secure and sustainable Smart City development in Cambodia.

Keywords

CybersecuritySmart CitiesCritical Infrastructure ProtectionIoT SecurityCloud Security

Cybersecurity Risks and Challenges in Smart Cities: A Review with Insights for Cambodia is licensed under CC BY 4.0CCBY

References

  1. Kociuba, D., Sagan, M., & Kociuba, W. (2023). Toward the smart city ecosystem model. Energies, 16(2795), 1–26.
  2. Oladimeji, D., Gupta, K., Kose, N. A., Gundogan, K., Ge, L., & Liang, F. (2023). Smart transportation: An overview of technologies and applications. Sensors, 23(3880), 1–32.
  3. Gharaibeh, A., et al. (2017). Smart cities: A survey on data management, security, and enabling technologies. IEEE Communications Surveys & Tutorials, 19(4), 2456–2501.
  4. Abomhara, M., & Køien, G. M. (2015). Cyber security and the Internet of Things: Vulnerabilities, threats, intruders and attacks. Journal of Cyber Security, 4, 65–88.
  5. Demertzi, V., Demertzis, S., & Demertzis, K. (2023). An overview of cyber threats, attacks and countermeasures on the primary domains of smart cities. Applied Sciences, 13(790), 1–36.
  6. Tcholtchev, N., & Schieferdecker, I. (2021). Sustainable and reliable information and communication technology for resilient smart cities. Smart Cities, 4(1), 156–176.
  7. Royal Government of Cambodia. (2021). General guidelines for provincial administration (2020–2030). Phnom Penh, Cambodia.
  8. Sar, V. (2023). Digital government in Cambodia: Challenges and solutions. KDI School of Public Policy and Management.
  9. Chang, V. (2020). An ethical framework for big data and smart cities. School of Computing, Engineering and Digital Technologies, Teesside University.
  10. Musa, A. A., Malami, S. I., Alanazi, F., Ounaies, W., Alshammari, M., & Haruna, S. I. (2023). Sustainable traffic management for smart cities using Internet-of-Things-oriented intelligent transportation systems (ITS): Challenges and recommendations. Sustainability, 15(9859), 1–15.
  11. Alotaibi, A., Aldawghan, H., & Aljughaiman, A. (2025). A review of the authentication techniques for Internet of Things devices in smart cities: Opportunities, challenges, and future directions. Sensors, 25(1649), 1–43.
  12. Gasana, A. D., et al. (2023). A review of smart city data governance, privacy protection, and cybersecurity challenges. Future Internet, 15, 1–23.
  13. Ahn, J., Hussain, R., Kang, K., & Son, J. (2025). Exploring encryption algorithms and network protocols: A comprehensive survey of threats and vulnerabilities. IEEE Communications Surveys & Tutorials.
  14. Khiev, S. (2023). Cybersecurity landscape and digital resilience in Cambodia. SSRN.
  15. Vennam, P., T. C., P. T., B. M., T. B. M., Kim, Y.-G., & N., P. K. B. (2021). Attacks and preventive measures on video surveillance systems: A review. Applied Sciences, 11(5571), 1–17.
  16. Kalbo, N., Mirsky, Y., Shabtai, A., & Elovici, Y. (2020). The security of IP-based video surveillance systems. Sensors, 20(4806), 1–25.
  17. Subashini, S., & Kavitha, V. (2011). A survey on security issues in service delivery models of cloud computing. Journal of Network and Computer Applications, 34, 1–11.
  18. Dawood, M., et al. (2023). Cyberattacks and security of cloud computing: A complete guideline. Symmetry, 15(1981).
  19. Savuth, C., & Sothea, O. (2023). Digital transformation in Cambodia: Policies, strategies, supporting factors and infrastructure. Journal of Southeast Asian Economies, 40(1), 145–172.
  20. Mono, O. C. (2021). E-government in Cambodia: Challenges and practical paths to achieve a functional e-government. Cambodia Development Center, 3(2), 1–19.
  21. Asian Development Bank. (2025). Asia digital transformation: Country perspectives – Cambodia.
  22. Ramim, M. M., & Hueca, A. (2021). Cybersecurity capacity building of human capital: Nations supporting nations. Online Journal of Applied Knowledge Management, 9(2), 65–85.
  23. World Bank Group, & GFDRR. (2024). Cambodia: Geospatial analysis for resilient road accessibility for human development and logistic supply. Washington, DC.
  24. Hill, H., & Menon, J. (2013). Cambodia: Rapid growth with institutional constraints (SSRN Working Paper No. 331). Asian Development Bank.
  25. Gordon, L. A., Loeb, M. P., & Zhou, L. (2020). Integrating cost–benefit analysis into the NIST cybersecurity framework via the Gordon–Loeb model. Journal of Cybersecurity, 6(1), 1–8.
  26. Bernardo, L., Malta, S., & Magalhães, J. (2025). An evaluation framework for cybersecurity maturity aligned with the NIST CSF. Electronics, 14(1364), 1–20.
  27. Chinnasamy, S. R., & Janakiraman, S. N. (2022). Zero trust architecture: A systematic literature review.
  28. Phiayura, P., & Teerakanok, S. (2023). A comprehensive framework for migrating to zero trust architecture. IEEE Access, 11, 19487–19512.
  29. Karie, N. M., et al. (2021). A review of security standards and frameworks for IoT-based smart environments. IEEE Access, 9, 121975–121999.
  30. Alghareeb, M. S., Almaiah, M., & Badr, Y. (2024). Cyber Security Threats in Wireless LAN: A Literature Review. International Journal of Cybersecurity Engineering and Innovation, 2024(1).
  31. Lohr, S. K., et al. (2020). IoT security framework overview. Computers, 9(44), 1–20.
  32. Alrajeh, M., Almaiah, M., & Mamodiya, U. (2026). Cyber Risk Analysis and Security Practices in Industrial Manufacturing: Empirical Evidence and Literature Insights. International Journal of Cybersecurity Engineering and Innovation, 2026(1).
  33. Ali, A., et al. (2022). Advanced security framework for Internet of Things (IoT). Technologies, 10(60), 1–17.
  34. Al-shareeda, M., & Alrudainy, H. (2026). Sustainable and Secure Energy Optimization Strategies in the Internet of Healthcare Things (IoHT). International Journal of Cybersecurity Engineering and Innovation, 2026(1).
  35. Atlam, A. A. A., & Alenezi, A. G. (2021). Security and privacy in smart cities: Challenges and opportunities. Journal of Network and Computer Applications, 182, 1–20.
  36. Chatterjee, R. K., Sharma, P. K., & Park, J. H. (2021). Cybersecurity for smart cities: Challenges and solutions. Multimedia Tools and Applications, 80, 17343–17372.
  37. Chandak, A., & Chandak, P. (2026). Blockchain technology in health care an extensive scoping review of the existing applications, challenges, and future directions. International Journal of Cybersecurity Engineering and Innovation, 2026(1).
  38. Liu, F. (2022). Social data governance: Towards a definition and model. Journal of Information Science.
  39. Kuzio, J., et al. (2022). Building better global data governance. Data & Policy, 4, e25.