Sri Lanka strengthens cyber defenses, digital infrastructure

Sri Lanka is significantly advancing its national cyber resilience through several key initiatives under the umbrellas of the government’s digital economy strategy and blueprint.

The launch of the National Cybersecurity Strategy (NCS) and Government Cybersecurity Baseline Standards (GCBS) aims to create a unified, risk-based governance framework specifically for the public sector, Mr. Thilak Pathirage, Chairman of the Sri Lanka Computer Emergency Readiness Team (SLCERT), explained in his opening speech at the National Cybersecurity Conference on Wednesday in Colombo.

This framework is complemented by the National Security Operations Centre (NSOC), which enhances proactive, real-time monitoring, threat detection, and incident response capabilities.

“From the Sri Lanka Unique Digital Identity (SL-UDI) and digital public infrastructure (DPI) to FinTech innovation, AI adoption, and the national data exchange, our digital ecosystem is expanding rapidly,” Mr. Pathirage added. SLCERT has transitioned from being merely an incident response center to becoming the national authority for cybersecurity governance and digital trust. This change highlights a broader understanding that cybersecurity is crucial for national progress and resilience, rather than merely a back-office function.

Mr.  Pathirage said that setting up the Cybersecurity Regulatory Authority (CSRA) will transform SLCERT’s responsibilities to expand significantly. “It will conduct national cybersecurity operations, coordinate with sectoral and international CERTs, manage threat intelligence and incident responses, lead capacity building and awareness initiatives, and implement Digital Trust and Certification Programs across various sectors.”

With CSRA’s guidance, SLCERT will assert its technical independence, which is crucial for ensuring agility, professionalism, and impartiality in its operations, allying with global best practices.

As cyber threats become increasingly sophisticated, we need to shift from a reactive to a proactive defence posture, Mr. Pathirage said “This transformation involves anticipating and neutralizing threats before they occur. Key initiatives include the development of a Cyber Threat Intelligence (CTI) framework to create an intelligence-driven ecosystem, the implementation of National Attack Surface Management (ASM) for greater visibility and proactive risk management, and the introduction of a Web Risk Management Tool (WRMT) to empower citizens in detecting and reporting digital scams.”

He stressed that cyber threats could disrupt critical services, undermine governance, and erode public trust, noting that, as such, cybersecurity is no longer a technical matter.

“It is a national imperative — central to our economic stability, democratic governance, and sovereignty. In this new era, data is power, but trust is currency.

Every digital transaction, interaction, and service depends on the confidence that systems are secure, identities are protected, and data is handled responsibly.”

Tech giants eyeing Sri Lanka for data center expansion

There is growing interest from global and regional digital infrastructure and cloud service providers to establish data centers and computing capacity in Sri Lanka.

The country’s strategic location, skilled talent base, strong data protection and trust framework, and robust submarine connectivity make it an attractive destination, Dr Hans Wijesuriya, chief adviser to the President on Digital Economy, told Biometric Update recently.

“Several early-stage discussions are already underway, and a formal process is expected to commence later this year, in alignment with the Government’s hybrid cloud initiative.”

A number of international cloud infrastructure providers including Amazon, Microsoft Azure, Oracle Cloud, Huawei, Alibaba are speaking with the Ministry of Digital Economy and related agencies about setting up data centers in the country.

Article Topics

cloud services  |  cybersecurity  |  data center  |  digital ID  |  digital public infrastructure  |  Sri Lanka