Sri Lanka strengthening national cybersecurity framework

Sri Lanka is actively enhancing its cybersecurity preparedness by focusing on strengthening legal frameworks and fostering partnerships among stakeholders at both local and international levels.

The country is on track to become a signatory to the United Nations Convention against Cybercrime, which signifies its commitment to addressing cyber threats successfully.

Top officials said that the cabinet has approved a national cybersecurity policy, marking a significant step towards establishing a comprehensive approach to cybersecurity in Sri Lanka. This initiative exhibits the nation’s dedication to improving its cybersecurity landscape and ensuring a safer digital environment for its citizens.

“We are working towards the UN Convention against Cybercrime, which will enable us to share information between international partners,” a Digital Ministry official said.

He noted that Sri Lanka has taken significant steps in addressing cybercrime by ratifying the Council of Europe’s Convention on Cybercrime in May 2015, becoming the first South Asian nation to do so. Currently, the country is preparing to engage with a similar convention for the second time.

The Sri Lanka Computer Emergency Readiness Team Coordination Centre (SLCERT), in collaboration with relevant agencies, is actively working towards this initiative. This effort highlights Sri Lanka’s commitment to enhancing its cybersecurity framework and aligning with international standards in combating cyber threats.

SLCERT is also responsible for user and security testing for Sri Lanka’s Electronic National Identity Card (e-NIC) project, which includes biometric features such as fingerprint, iris, and face recognition details for enhanced security and efficiency in identification confirmation.

A national-level Malware and Threat Hunting Lab will also be implemented this year, as part of the cybersecurity strategy. According to the official, investments in better security for state institutions are planned under the National Cybersecurity Strategy. A large number of state institutions have been informed, and security assessments have been conducted in line with this strategy, he further said.

The country’s Cybersecurity Law is being reviewed by a panel and will be presented to parliament this year, he added. It will allow the Central Security Agency to manage the national cybersecurity strategy, safeguard critical information infrastructure in the wake of the digital economy initiatives, while operating as a national contact point for cyber threats, the official explained. He added that this Act will empower the SLCERT by raising its capacities to respond to and manage cybersecurity events.

Article Topics

cybersecurity  |  digital economy  |  digital government  |  Sri Lanka