Microimage celebrates 20 years in an evening of true spirit

Top row: From left CEO Harsha Purasinghe, ICTA Managing Director Muhunthan Canagey, and Malaysia OMESTI Bhd Executive Director Mah Xian Zhen. Second row from left Microimage COO Suren Rupasinghe, Dialog Axiata Group CEO Dr. Hans Wijayasuriya and SLASSCOM Chairman Mano Sekaram

Microimage, the company that started as a high-school startup and built through sheer determination and passion, celebrated its 20th anniversary at a warm and cherished event on 7 October evening.
The significance of this event was the heartfelt gratitude and appreciation shown to all those who were a part of the company’s humble, yet incredible journey.
The evening kicked off with CEO Harsha Purasinghe showcasing the journey of their proprietary software, the very first Sinhala Unicode Keyboard, Helawadena, a collaboration between the ICTA, Microsoft and Microimage making Sinhala, Tamil and numerous other language ‘keyboards’ ubiquitously available. The initial Microimage product was given a small space in a store (at Majestic City) owned by another small startup, EPSI. Ironically, the owner of EPSI was none other than Muhunthan Canagey.
Canagey, Head of ICTA, ‘remembered’ and shared this journey with the audience. “I am extremely proud to be standing here acknowledging the success of Microimage. Harsha and I have come a long way together and achieved many accomplishments together. I am more than proud to have been a part of this journey.”
Next, it was COO Suren Rupasinghe who spoke about Sri Lanka’s pioneering Human Capital Management (HCM) solutions: developing time and attendance, and payroll software for the manufacturing sector. Despite rejections and disappointments, the company only strived harder and launched the HCM8R2 which ended up as a game-changing experience to the HR industry.
The company was proud to service a large established growing client base across the region, deploying in seven markets, which includes Sri Lanka, Maldives, India, Singapore, Malaysia, Bangladesh, Pakistan, Brunei and Saudi Arabia.
Harsha then spoke about the company’s foray into the international arena tying up with Asia-based OMESTI Group.
This strategic partnership with Microimage was intended to bring leading edge Human Capital Management (HCM) solutions to Asian markets. Known as MIHCM (Microimage HCM) Asia, the new venture used Kuala Lumpur as a launch pad to deliver proprietary HCM solutions to South East Asia and beyond, leveraging on the regional networks of the OMESTI Group.
Executive Director of OMESTI Bhd, Mah Xian Zhen, who had flown down especially for the occasion paid a glowing tribute to the Microimage team and their plans to enter the East Asian countries like Cambodia, Thailand, Myanmar, and Indonesia.
Meanwhile Microimage was transforming from being just another provider of desktop language software into a very successful software research and development company focusing on providing innovative solutions in key product lines such as human capital management software solutions, enterprise software solutions, and mobile solutions/software localisation.
At this point, Mano Sekaram, Chairman of SLASSCOM, aptly summed up the Microimage story by saying that despite all the hardships faced along the way due to various industry shortfalls, the company did not give up hope but flew the flag for Sri Lanka at every tech forum, locally and internationally, bringing pride and recognition to this country. “Every successful company has to have a soul, and Harsha is the heart and soul of Microimage.”
Seeing an opportunity to get into mobile media, the company then started developing a radio automation software which turned out to be the mission-critical innitiative for radio operations.
Today, Microimage Mobile Media powers all key radio networks and the leading DTH TV operators. Microimage Mobile Media Broadcast platforms are now marketed in other regional countries as well.
During this time, Microimage introduced ebooks via the BookHub to Sri Lanka in collaboration with Dumindra Ratnayaka (ex-Etisalat) and Rajiva Gunasena of Gunasena Bookshops. They did not stop there but went on to develop a music app called ‘Thaala’ to facilitate legal music downloads, which was launched together with Dialog Axiata’s music service offering.
Dr. Hans Wijayasuriya, Group CEO of Dialog Axiata, said: “Whilst we live in an era of disruption, and breaking down things yesterday to do things today, it is heartening to see a company that has risen from humble beginnings to become one of the biggest successes in this country today.”
Apart from making game-changing software, Microimage veered into social innovation with the first-ever disaster and early warning solution called DEWN. This a world class social innovation that emerged after the Indian Ocean tsunami was a great collaboration between Dialog Axiata, Microimage and the University of Moratuwa’s Dialog Research Lab. This is currently deployed with the Disaster Management Centre of Sri Lanka.
Today, Microimage Holdings has become the umbrella organisation that oversees all of its diversifications including Microimage Impact. This new arm will engage in various social impact initiatives and all revenue generated from this social venture will be put back into fostering social ideas towards social impact harnessing the power of technology.
Giving an insight into the future of Microimage, Harsha outlined plans of their new office in Sydney, Australia and Dubai.
The biggest announcements of the evening were the HCM15 version, which was demoed through a beautiful video and mStudio 3.0 poised to revolutionise the broadcast industry as never before, as Microimage continues making headway beyond the shores of Sri Lanka.

Sourced By : www.ft.lk

Towards a digital economy in Sri Lanka

mc 2

ICTA MD/CEO Muhunthan Canagey

ICT Agency of Sri Lanka Managing Director/CEO Muhunthan Canagey shared his views on Sri Lanka’s role on cyber security at the EC Council Cyber Security Summit 2015.
Canagey explained that Sri Lanka is taking leaps in developing the infrastructure for a digital economy.
“The new Government’s aim is to get all state buildings linked across the country. A project is been carried out for linking up 3,500 state buildings with 100 megabyte connectivity to each other and to an information back bone of 100 gigabytes across all 25 districts. This means any state official would be able to work across any of the state buildings irrespective of the location they are in. So if you have an appointment at the Ministry of Finance and afterwards let’s say you have to go for a meeting at the Ministry of Foreign Affairs or our ministry; with the same login you would be able to work across all ministries. Now that’s the type of environment we are bringing in,” he said.
“While we do that, we are also ensuring that the citizens will be able to engage themselves in Government related services. These are all e-services and by 2018 we intend to have the entire Government’s services available as e-services for citizens, allowing them get all their services across mobile platforms. That’s the vision we have to move forward. The next step that the ICTA will actually take is to work forward along with the financial institutions in the country to develop the national payment platform for Government payments; starting with the Sri Lankan customs as the first payment service. This would allow citizens to tap all bank accounts into one app and be able to make transfers and payments across all Government portfolios,” he added.
Digital economy entails many security challenges. These cannot be dealt by the Government or any institute alone. Information security is an ongoing process which requires people, process and technology to align together.
“These services all sound fancy and as the way to move forward. But on the other side we have to consider the cyber security aspects. While we keep opening our doors, there are more threats coming in. The SL-CERT, a subsidiary of ICTA does an enormous amount of work in ensuring citizens are protected on a day-to-day basis. They have large volumes of hacks that are reported to them daily. ICTA takes cyber security very seriously and we are the first in South Asia to enter the Budapest Convention; the cross-border contractual agreements which will be taking place in this regard,” he stated.
He further explained the importance of having a cyber security culture within organisations in Sri Lanka. All technological measures to safeguard information assets in organisations would fail if the concept of cyber security is not instilled within the organisation and its employees.
“We need to bring cyber security into our lives, our culture because everything we do is going to be online and in the future, we really need to take this area forward. We are planning to implement the National Security Operations Centre (SOC) by March 2016,” he added.
Canagey also pointed out that it’s time for organisations to start investing in the skills of young people who have high technical knowledge and know-how of hacking.
“The drive towards cyber security will be a key focus. When I say that, I look into this audience and I see very senior people. There are also young men and women from different state universities this afternoon. Nevertheless, the average age for cyber security cult is 15. So this is not anymore about men and women but this is about boys and girls who have to take over this space. These young people have great hacking capabilities; they do a great job and want to be a part of ethical hacking. We need to get a lot more youth involved in this space. That’s the commitment expected from you in the industry as professionals and business leaders. You will have to bring into the organisations, these very young people to deal with cyber security because they know how hacking works, they know how to play these games, and they are some of the greatest tools and assets that organisations can have in terms of cyber security. We could facilitate but these young people can really do a good job,” he emphasised.
During a panel discussion Canagey discussed the role played by ICTA to encourage organisations to integrate cyber security into their culture.
“ICTA is not an organisation. It’s a facilitator to the industry irrespective of whether they are state or private sector organisations. We are taking great efforts to make organisations aware of cyber security issues. Private sector organisations need to realise that our competition is no longer local but is global. So if Sri Lanka is to move forward to revolutionise the digital infrastructure and go into the global space, we need to start thinking different,” he said.
Discussing the factors preventing Sri Lanka from following proper standards whether in the payment industry, COBIT or Stock Exchange Canagey said; “Standard is a motion that has to come from the top and that’s the type of culture we want. The level of education has to be improved for this. For instance, in the banking industry we will be bringing forward non-collateral based lending. That is one area where the Minister and Ministry of ICT is going to work very closely.
Let’s say you want to start a software company and you want to take a loan and they ask you to bring your mother’s or father’s house as collateral, which is not fair. This is what we need to change but not just for IT; the whole eco-system needs to change. There’s a multi-strategy that needs to work out. Let’s not worry about what has happened in the past. Let’s move forward. Let’s incubate and accelerate a knowledgebase economy, get rid of collateral based lending and also build-in a culture that incorporates youth and develops policy making. We should change this culture to bring in technological revolution in this country.”


Sourced By : www.ft.lk

Experts share key insights to overcoming cyber security challenges



By :Kiyoshi J Berman

The third annual Cyber Security Summit organised jointly by the Daily FT and CICRA Consultancies concluded successfully on Tuesday with a record participation of over 300 representatives from the private and public sector as well university students.

The main objective of the summit held at the Cinnamon Lakeside was to create awareness over the importance of cyber security and to provide top officers in the private and public sectors and IT professionals with best practices in acquiring, implementing, managing and measuring information security postures of their organisations as well as equipping them with countermeasures. The summit also highlighted the current flaws in information security that affect businesses. Discussions and presentations revolved around some of the most malicious attacks and potential threats in the security field.


The inaugural session featured new Minister of Telecommunication and Digital Infrastructure Harin Fernando as the Chief Guest and International Telecommunication Union Asia Pacific’s Senior Advisor Sameer Sharma as the Keynote speaker. Summit’s National Partner ICT Agency Managing Director Muhunthan Canagey and Central Bank Governor Arjuna Mahendran were the Guests of Honour.

The technical sessions featured top experts from CISCO and Microsoft, who were also the Strategic Partners of the Summit and several others. The full-day summit was followed by ‘Night Hack’ – an innovative and informative evening, showcasing the immediate and potential threats and dangers posed by cyber criminals today. Following are highlights from the presentations made at the technical sessions.

Threat intelligence for cyber security 

Srikanta Prasad, Principal Consultant Cisco Security India delivered a presentation on ‘Threat Intelligence for Cyber Security’. Srikanta explained Cisco’s global security intelligence operation known as Talos. It has been named after a giant bronze man in Greek Mythology who protected Europa from pirates and invaders.

In the history of the mitre CVE project for the last 15 years, only 75,544 Common Vulnerabilities and Exploits have been detected. Yet we come across and average of 1.1 million malware per day and this keeps increasing. The threat landscape indicates 19.7 billion total threat blocks daily which accounts to 82 thousand virus blocks, 181 million spyware blocks and 818 million web blocks, he mentioned

Further he further explained that the multi-tiered defence is the way to address these rising threats. “Intelligence powers everything, we pull in tons of data, Intel helps consolidate and make sense of that data. Detection research then utilises that data to fuel all the security products they support. They have reverse engineers, malware analysts, domain reputation, and spam experts take that distilled data and turn it into something actionable.

“Development works on engines that help deliver our intelligence to all the platforms. Either APIs, backend engines that detect known and unknown threats, or actual infield detection engines that are deployed on platforms. They are fuelled by the intelligence and the under fire experience of the response team. The vulnerability development are the zero day hunters, they help us find new threats before the bad guys do, make sure our response teams know about them so they are covered in the products so our customers are protected, and work on new and innovated ways to help protect our customers through the development of mitigations for classes of vulnerabilities.”

Srikanta also mentioned about a few new exploit kits, their functionalities and emphasised why organisations should collaborate to share intelligence data and the part AGEIS, Talos’ partner program, takes in this effort.


Cyber security: Before it becomes an agenda 

The next presentation was by Pierre Noel, the Chief Security Officer and Advisor for Microsoft in Asia spoke on the topic of ‘Cyber Security: Before it becomes an Agenda’.

“What do cyber criminals, hacktivists and terrorists have in common? They have no rules. Let’s talk about what is not working. Just because you have a very nice firewall, do you think these people will stand and attack your firewall while you watch laughing? Of course not! They will find other ways to attack you. They have no rules. If they think your security is really strong but still wants to attack you, it’s very easy. They are going to find a system administrator of the organisation then find his wife, put a girl in front of the system administrator and give a thumb drive and say put that thumb drive to the network of the organisation. That’s the way it works. As the Chief Security Officer, I should be right 100% of the time but they only have to be right one time.”

Having explained the types of malicious hackers out there and how implementing technology alone will miserably fail you, Pierre said: “I’m the Chief Security Officer but I prefer to be called the Chief Resilience Officer. My job is to make sure that no matter what attack they make we are resilient; we go back to business as quickly as possible. We have this philosophy at Microsoft called ‘Assume Breach’. We work on the assumption that the bad guys are there and will succeed which is a much safer assumption that believing that we’re protected all the time. We have a very different perspective and we do pretty well.”

“Organised crime communities are ones you should truly worry about. There is one thing you need to understand, around five or six years ago the organised crime community realised that they could get a lot of money out of cybercrime. We then saw a development inside these organised crime communities. They started recruiting people to develop vulnerabilities, to create malware, to weaponise malware and operate command and control servers. Today, it’s currently accepted that organised crime is making more money in cybercrime than in selling drugs,” he explained.

Emphasising on another current problem Pierre said, the location with the highest ransomware encounter rate in 2Q14 was Russia (0.81%), followed by Italy (0.59%) and Kazakhstan (0.55%). Unlike with many other types of malware, the distribution of ransomware has been highly concentrated geographically, with almost all ransomware encounters taking place in Europe, western Asia, North America, and Oceania. Ransomware encounters were virtually unknown in Central and South America, Africa, the Middle East, and eastern and southern Asia.

Adaptive security architecture 

Vivek Srivastava, Security Lead Commercial for India and SAARC CISCO spoke on ‘Adaptive Security Architecture’.

“Cisco delivers intelligent cyber security for the real world, providing one of the industry’s most comprehensive advanced threat protection portfolio of solutions and services that are integrated, pervasive, continuous and open. Cisco’s threat-centric approach to security reduces complexity, while providing unmatched visibility, continuous control and advanced threat protection across the entire attack continuum, allowing customers to act smarter and more quickly – before, during, and after an attack.”

“With sophisticated threats to any infrastructure, customers are feeling three big challenges. These are, changing business models and attack vectors. How do we maintain security posture and compliance as our IT landscape when mobility, cloud, the Internet of everything – is changing? Secondly the dynamic threat landscape. How do we improve our ability to continuously protect against new attack vectors and the increasing sophistication of threats? And finally the complexity and fragmentation of security solutions. How are we going to work on the first two problems and reduce complexity in our environments at the same time? The combination of these dynamics has created security gaps, broken the security lifecycle and reduced visibility. It also creates increased complexity and management challenges,” he mentioned.

He further explained how you achieve this simplified, more holistic, more scalable model. “The answer is to focus on three strategic pillars across the entire attack continuum and ultimately your entire security system. One is to drive complete visibility, secondly insist on a laser-focus on threats, and thirdly look at how integrated platforms substantially reduce complexity while increasing your ability to scale and provide consistent control. So, why are these three areas so important?

“Being visibility driven is required because you must be able to accurately see what’s really happening in your environment to gain knowledge about your environment and threats. Visibility needs to come from the network fabric, endpoints, mobile devices, virtual environments and the cloud. The more you can see, the more you can correlate this information and apply intelligence to understand context, make better decisions, and take action – either manually or automatically. Next is to be threat focused.

“Policies and controls are important to reduce the surface area of attack, but threats still get through. You need to focus on detecting, understanding and stopping threats. With advanced malware and zero day attacks this is an on-going process that requires continuous analysis and real-time security intelligence, delivered from the cloud that is shared across all products for improved efficacy.

“You have to be platform based. Security is now more than a network issue; it requires an integrated system of agile and open platforms that cover the network, devices and the cloud. These platforms need to be extensible, built for scale and centralised management for unified policy and consistent controls. Customers will move from deploying simply point security appliances to integrating a true platform of scalable, easy to deploy services and applications.”

Impact of Budapest Cybercrime Convention on laws in Sri Lanka

Jayantha Fernando, Program Director and Legal Advisor of ICTA Sri Lanka spoke about ‘Impact of Budapest Cybercrime Convention on Laws’.

“Sri Lanka was invited to join the Budapest Convention this year. We are the first in South Asia to join this Convention which is valid from 1 September 2015. This is a framework to support successful investigation of cybercrime offences and help law enforcement and judicial cooperation at international level,” he said.

Info sec and cybercrime are inter-related; these are two sides of the same coin. Legislation covers the cybercrime areas of computer related crimes where computers used as a tool to commit other offences such as theft, cheating, misappropriation etc. Hacking that affects integrity, availability and confidentiality of a computer system or network. This also includes the spread of malware. And finally, content related cybercrime where computers with internet used to distribute illegal data such as internet-based pornography, criminal copyright infringement, he added.

The Budapest Convention is a solution to deal with legal implications of cybercrime. It’s a combination of three elements. Criminalising conduct that includes illegal access, illegal interception, data interference, system interference, misuse of devices fraud and forgery, child pornography and IPR-offences. Procedural tools for expedited preservation, search and seizure as well as interception of computer data and it enables international cooperation extradition.

Mobility and cyber security

Brian Kealey, the Country Manager for Sri Lanka and Maldives for Microsoft, delivered a presentation on ‘Mobility and Cyber Security’.

“When I think about mobility what it really means is mobility of experience. My data, my persona, my identity, all those things follow me on any device from a $ 25 Raspberry Pie to right through to another device, a large screen. The idea that I can start on one and finish it on another device. It’s about being able to work from anywhere with a connection. With that in mind, what do we do from a security and resilience perspective? We still design fortresses. We put firewalls, security devices, IDSs and secure them. But once you let people inside it’s not a fortress anymore,” he said.

He explained: “60% of the consumer electronic devices are sold in emerging markets and most of them are not built to be connected to the internet but increasingly they are. When these electronic devices are connected to the internet there are security issues. The other day when I was driving, my Apple watch vibrated and said it has an update available. So now my watch is connected to my phone and the phone is connected to the cloud. It’s going to download software from up there. Is that software reliable, secure, is the system is end-to-end to make sure it’s not trapped in my information because by the way, when you send me a text message, it comes up on my watch so it also has my data, my schedule and who I speak to. You got a huge challenge in this aspect.”

“Having said that, he pointed out that we are seeing a shift from cybercrime to cyber espionage. Countries attacking countries, warfare, and terrorism is on the rise. You think that attackers are targeting the Fortune500 but no, it’s any organisation, any small organisation. We are historically worried about malware and vulnerabilities but what we’re actually seeing now is credential theft and scams, so hacking into websites, getting people’s logins and misusing them is commonplace.”

He emphasised that these threats cannot be completely eliminated. From the Microsoft’s perspective, these issues can be addressed in three steps. First is to ruin the economic model of the attacker, second is to take away the fields we know that is to break the attack playbook and the last one is to eliminate the vectors of attack.

Angels vs. Demons: The good, bad and the ugly

The final presentation of the summit was by Krishna Rajagopal, CEO of AKATI Consulting Malaysia. Krishna’s topic ‘Angels vs. Demons: The Good, Bad and the Ugly’ was cleverly taken from two movie titles to emphasise some basic security perspectives.

“We think we are the angels, hackers are the demons. Then what happens is the hackers think, they are the angels and you’re the demon. So what happens within the organisation? The vendors think they are the angels and you’re the demon and the other way around. This is what I want to shed light on,” he said.

“There was a group selling their software called Galileo for infecting machines, intercepting communications and pretty much anything and would sell it to anybody. In Malaysia, we had four clients interestingly. We had the anti-corruption agency which is fine because they want to investigate, we had the police which is fine, then we had the Prime Minister’s department and some other company which was not even known. So the company that was not even known was spying on the other three to see who they were spying on. This was very interesting to see the original name for this company was ‘Hacking Team’ but after July 2015, we called them the Hacked Team because they were massively hacked. Every single customer that was using their product was released. This was 37 countries that were buying from them. These companies were buying exploits from underground, illegal criminals and selling it to countries. So who’s the angel and who’s the demon? Is it lawful or unlawful?

“The best part of the story was that these companies thought that this was the company which was producing these software. They didn’t know that this company was actually outsourcing the whole thing. This company called Kylax was actually creating these zero-day exploits. This is interesting because the countries don’t know about Kylax, they think the Hacking Team develops it, and Hacking Team thinks the one who developed it was Kylax themselves. But Kylax had outsourced it to underground freelancers. the part they didn’t know was that Hacking Team made a backdoor into every single customer that were 37 countries been monitored by Hacking Team while they were busy monitoring other people. This is a double trouble. In this whole equation it’s hard to say who the angel is and who the demon is,” he added.

Krishna also took findings from the famous Ashley Madison website hack to point out that cybercrime can even cause physical deaths, because in this incident four suicides had been reported. After a very entertaining session of latest exploits, Krishna concluded stating that the defence in-depth method is one powerful strategy to defend against cybercrime.

CISCO and Microsoft were the summit’s Strategic Partners while ICTA was the National Partner. The Telecommunications Partner was Sri Lanka Telecom, the Official Payment Gateway Partner was LankaPay, the Official Insurer was Continental Insurance, Official Printers were OfficeMax, LSP, the creative partner was Triad, and the Electronic Media Partners were LearnTV, TV Derana, FM Derana and Ada Derana. The Hospitality Partner was Cinnamon Lakeside.

Several leading and corporate social responsibility-savvy firms came forward to equip university students with the latest knowledge on cyber security.

The Summit saw over 50 students from Jaffna, Sabaragamuwa, Kelaniya, Sri Jayawardenepura and Colombo Universities being enriched with global and local expert presentations on cyber security threats and solutions as well as the future of the ICT industry in Sri Lanka as well as internationally.

The companies which sponsored participation of these students were CIC Holdings Plc, Citi Bank, Carson Cumberbatch Plc, Expolanka Holdings Plc, Vallibel One, Akbar Brothers, People’s Bank, HNB, Access Engineering and Pan Asia Bank.

Sourced by : http://www.ft.lk

Harin to create “digital democracy” with cyber security protection

– Says vulnerability of businesses and individuals to cyber attacks are increasing and ICTA will give highest priority to counter the threat
– Identifies cyber security protection as part of “good governance” .
– New Govt. will also focus on soft infrastructure and not only hard infrastructure to make Sri Lanka globally competitive.
– Cybercrime costs the global economy over $ 400 billion per year.
– 90% of companies worldwide recognise they are insufficiently prepared to protect themselves against cyber attacks.

By Shiran Illanperuma

The new Telecommunication and Digital Infrastructure Minister Harin Fernando yesterday committed to creating a society of digital democracy with cyber security protection for which all stakeholders must unite.

“ I believe that regulators, operators, academics, vendors in communication and IT industries need to work together towards our common goal of creating a society of digital democracy that is protected by cyber security,” Harin told the opening session of a packed third annual Cyber Security Summit held yesterday by the Daily FT and CICRA Consultancies.

“Cyber security preparedness is a national cause that should be supported by all stakeholders through numerous Private-Public Partnerships,” he said, commending the joint initiative in this regard by Daily FT and CICRA.

Over 300 private and public sector representatives as well as young professionals and graduates attended the full-day summit which featured a host of global and local experts.

Having shared the latest data on the global incidents and threat of cyber security, the Minister said it was clear that around the world, including in Sri Lanka, the vulnerability of businesses and individuals to attacks was increasing and would continue to increase in the future with the increased move to digital platforms.

He said ICT played a catalytic role today, where it underpins the development of entire societies. Businesses have gone online and societies have become networked by means of ICT. Within this context, cyber security plays a key role and should be regarded as the highest priority, with its power to potentially paralyse an organisation as well as play havoc with people’s lives.

Fernando said the Global Risks 2015 report, published in January by the World Economic Forum (WEF), shockingly stated that “90% of companies worldwide recognise that they are insufficiently prepared to protect themselves against cyber attacks.” Furthermore, cyber crime costs the global economy over $ 400 billion per year, according to estimates by the Center for Strategic and International Studies.

“The way to counteract this is, as we continue to increase the e-literacy in our country and develop our ICT infrastructure, it is also important to enforce and implement effective cyber security framework simultaneously,” the Minister said.

Earlier in the year, Sri Lanka participated in the Council of Europe Convention on fighting cybercrime, which was a two-day European Union funded International Conference on ‘Assessing the Threat of Cybercrime’.

Budapest Crime Convention

In September Sri Lanka also became the first country in South Asia and second in Asia after Japan to become a state party to the Budapest Cybercrime Convention. This international treaty effectively addresses internet and computer crime by harmonising national laws, improving investigative techniques and increasing criminal justice cooperation among nation states to effectively combat the threat against cybercrime.

“So we assure that the Government is on the right track and is committed to good governance, of which cyber security is a part,” the Minister said.

“The current Government, with its emphasis on soft infrastructure as opposed to hard infrastructure, has given due attention to cyber security and will continue to do so in the future as well,” said Fernando, who is the youngest Minister in the new Cabinet.

He said that the ICTA, which was the national partner for the Daily FT-CICRA Summit, is committed to formulating policies and the required legal framework.

“Then it is the responsibility of each of us where we all have to work together to ensure that cyber security policies and guidelines are enforced and adhered to by all. Further, organisations need to take responsibility to report breaches so that the Government can take action to strengthen security measures,” Harin added.

“As the new Government, we will make aggressive efforts in planning to further enhance this modern ICT infrastructure with the efficient cyber security measures in place simultaneously in order to make Sri Lanka globally competitive,” the Minister said.

He also encouraged local businesses to consider cyber security as a key area and develop expertise in the domain.  “It will be another avenue of business that we can explore,” Fernando added.

At the summit, International Telecommunication Union (ITU) Regional Office Asia Pacific Senior Advisor Sameer Sharma delivered the keynote address on ‘Building Security and Trust in Cyberspace’.

Guests of Honour, Central Bank Governor Arjuna Mahendran and ICT Agency Managing Director/CEO Muhunthan Canagey, also spoke.

Those who made expert presentations were Principal Consultant, Cisco Security, India Srikanta Prasad, on ‘Threat Intelligence for Cyber Security’; Chief Security Officer and Advisor for Microsoft in Asia Pierre Noel on ‘Cyber Security: Before it becomes an agenda’; Security Lead – Commercial, India and SAARC, CISCO Vivek Srivastava on ‘Adaptive Security Architecture’; Jayantha Fernando, Program Director and Legal Advisor, ICTA Sri Lanka on ‘Impact of Budapest Cybercrime convention on laws’;  Brian Kealy, Microsoft Country Manager for Sri Lanka and Maldives on ‘Mobility and Cyber Security’,  and Krishna Rajagopal, CEO, Akati Consulting, Malaysia on ‘Angels vs. Demons: The Good, The Bad and The Ugly’.

The full-day summit was followed by ‘Night Hack’ – an innovative and informative evening, showcasing the immediate and potential threats and dangers posed by cyber criminals.

CISCO and Microsoft were the summit’s strategic partner while ICTA was the national partner. The telecommunications partner was Sri Lanka Telecom, the Official Payment Gateway Partner was LankaPay, the official insurer was Continental Insurance, official printers were OfficeMax, LSP, the creative partner was Triad, the electronic media partners were LearnTV, TV Derana, FM Derana and Ada Derana while the hospitality partner was Cinnamon Lakeside.

Sourced by : http://www.ft.lk

ICTA ‘National Partner’ for Cyber Security Summit 2015

For the third consecutive year, the ICT Agency of Sri Lanka announced its support for the Cyber Security Summit by functioning as its National Partner.
The summit, which will be held on 29 September in Colombo, will comprise a Cyber Security Summit for IT professions targeting senior officials from the corporate and government sectors, and a ‘Night Hack’ – an informative evening. A Leadership Forum with CEOs of top corporations will follow on 30 September.
The summit will feature high-profile international IT security experts including those who have worked with Interpol and Fortune 500 companies.
Entitled ‘EC-Council Cyber Security Summit 2015’, the event is co-organised by CICRA Consultancies Ltd., Sri Lanka’s pioneering cyber security training and consultancy provider, and the Daily FT.
“We are indeed happy to be associated as the National Partner of the EC-Council Cyber Security Summit,” ICTA Managing Director/CEO Muhunthan Canagey said.
“As the Apex policymaking body for the Government of Sri Lanka on all ICT matters including cybercrime, and as mandated, to implement the Government’s ICT, we are glad to partner this conference as it talks about a topic of national interest,” Canagey said.
“Cyber security is an important aspect that our industry needs to discuss. It is a common platform for both private and government institutions. We are glad to see such initiatives spearheaded in the Industry and we will continue to support such efforts which are of great importance.
“ICTA facilitated Sri Lanka’s biggest cybercrime convention recently, and with this Sri Lanka became the first country in South Asia to join an important Convention on the subject of Cybercrime. The Budapest Cybercrime Convention is the only Criminal Justice Convention on Cybercrime available at present. ICTA is proud to be the force behind its introduction in Sri Lanka,” he said at the ceremony to announce ICTA’s partnership with the summit.
Speaking at the ceremony, CICRA Director/CEO Boshan Dayaratne said that the cyber security summits in 2013 and 2014 were a tremendous success and he expected this year’s summit to create more awareness amongst corporate entities about cyber security risks and how to mitigate those perils.
“As cyber security threats skyrocket and not even a day passes by without a cyber security breach on a corporate or a Government entity on its IT infrastructure, we are pleased to see that the Ministry of Telecommunication and Digital Infrastructure and ICTA have joined hands with EC-Council Cyber Security Summit 2015 in Sri Lanka,” Dayaratne said.
The main objective of the summit is to create awareness over the importance of cyber security and to provide top officers in the Government, leading private sector leaders and IT professionals with best practices in acquiring, implementing, managing and measuring information security postures of their organisations and developing countermeasures.
The summit will also highlight the latest flaws in information security that affect the global community, including corporations and governments. Discussions and presentations will revolve around some of the most malicious attacks and potential threats surrounding the security field.
EC-Council stands for International Council of Electronic Commerce Consultants. “EC-Council is the world’s largest vendor neutral cyber security education provider based in USA. It is the owner and developer of the world-famous Certified Ethical Hacker course (C|EH), Computer Hacking Forensics Investigator program (C|HFI), License Penetration Tester (L|PT) program and various other programs offered worldwide,” Dayaratne stated.
More details about the summit, including the registration process, can be obtained at www.cybersecuritysummit.lk.

Sourced By : www.ft.lk


TRANSACT LANKA (PVT) LTD is pleased to announce that the Information & Communication Technology Agency of Sri Lanka (ICTA) has awarded and granted it permission to facilitate the Lanka Government Payment Service (LGPS) Web Portal  to enable citizens to make cash-based payments for all government related payments including Customs duties, port charges, revenue license, taxes etc. The integration and connectivity to multiple banks would be undertaken by the ICTA.

 This  will be the country’s first non credit card payment gateway offered to citizens who do not possess credit cards.  People who only have a regular current/savings account will be able to make payments directly from their mobile phones and the web-based payment portal. This service is due to be launched 1Q/2016.

 ICTA (Information Communication Technology Agency) 

 The e-Sri Lanka initiative is being actively promoted by the ICTA to support the development of the economy of Sri Lanka, reduce poverty and improve the quality of life of the people. This vision was realized through a six program strategy encompassing ICT Policy, Leadership and Institutional Development, Information Infrastructure, Re-engineering Government, ICT Human Resource Development, ICT Investment and Private Sector Development and e-Society. The initiative to promote digital payments plays a key part in the overall plans of the government to encourage Sri Lankan society to enter and operate in the digital economy.



October 9th 2015

ICTA Awards Transact Lanka with the Prestigious National Best Quality (NBQSA) Merit Award For R&D

lgps 2



Sourced by : http://www.transactlanka.com

Full access to PayPal soon

According to the Information and Communication Technology Agency (ICTA) CEO Muhunthan Canagey, his agency is currently in the process of initiating a broad payment platform where all local banks will be on board.

“Yes, it’s going to be opened. But what we want to make sure is that the local financial institutions become a part of it before it gets off the ground,” said Canagey.

While users from Sri Lanka are able to pay sellers in other countries for their purchases via the service, PayPal had barred Sri Lankans from receiving payments due to both the size of the Sri Lankan economy and the unavailability of data about Lankan markets.

Speaking at the Sri Lanka Economic Summit organized by the Ceylon Chamber of Commerce under the theme, ‘The power of social media for exports’, Canagey emphasized they were committed in creating financial and social inclusivity through the platform.

It was previous Central Bank Governor Ajith Nivard Cabraal who announced that the government was planning to allow inward payments through PayPal, though it never took off ground.

PayPal will open an integral avenue for the startups and the small and medium scale enterprises to take their products to the global markets while receiving payments online, providing the much needed boost for country’s exports.

The PayPal service allows e-commerce merchants to receive payments for their goods from across the globe in return for a 1.9-2.2 percent commission for each transaction.

In the absence of a payment gateway, a handful of Sri Lankan banks had set up their very own Internet payment portals, charging exorbitant annual rental fees in addition to over 3 percent in commissions, neglecting all but a select number of clientele.

Senior Vice President/General Manager and Head of Digital at Virtusa, Madu Ratnayake said the social technology will mostly enable the entrepreneurs to reach scale and in turn will help achieving the US $ 50 billion export target.

Sourced By : www.dailymirror.lk

Google, SL MoU first step towards free Wi-FI for all, says State Minister of Defence

Moves to provide internet facilities islandwide will benefit all, especially the youth who will be able to follow online courses, said State Minister of Defence, Ruwan Wijewardene who was instrumental in initiating the Memorandum of Understanding (MoU) signed on Tuesday (28th of July 2015), between Google and the Government of Sri Lankan, at Temple Trees.

The MoU is for the launch of Google’s brainchild, ‘Project Loon’, in the country. Mr Wijewardene said it was following a chance encounter with former Facebook executive and Chairman of LotusFlare, a mobile content provider, Chamath Palihapitiya who was visiting Sri Lanka, that they planned to bring down Loons to the country.

“During our meeting we discussed the possibility of bringing down Google Loons to Sri Lanka and its advantages. When Sri Lanka has total internet accessibility it will benefit all,” he said. He said that only 10% of the youth enter State-run universities and 20% pursue higher education in the private sector, while a large percentage drop out for want of opportunities.

Mr Wijewardena said, later he was able to talk to the President and the Prime Minister who also pledged their support for the project, as it directly relates to the Government’s free Wi-Fi programme. “The project is a step towards realizing this dream and will empower youth with opportunities at their fingertips,” he added.

Internet service reaches a part of Sri Lanka, yet the country cannot boast about its far-reaching accessibility, as a considerable number is still deprived of connectivity to the global system, which the United Nations declared “a human right” in 2011.

This group that does not come under the umbrella of internet coverage, sadly, is the one that could benefit immensely in its economic growth and its sustainability.

The MoU was signed for Google by Vice President and Project Leader of Google[x] Project Loon, Mike Cassidy, whose presence made the event even more significant. Sri Lanka was represented by the Information and Communication Technology Agency of Sri Lanka (ICTA).

Loons are balloons equipped with hardware that will distribute Long Term Evolution (LTE), which is a 4G wireless broadband technology, back to earth, and from balloon to balloon. A total of 15 loons, each covering 60-70 square meters, will be released to the sky to an altitude of about 20 km, which is twice as high as airplanes fly. A balloon will be 15 metres across and 12 metres tall, and will carry a small box weighing about 10 gm containing the technology.

Every 90-100 days the loons will be brought down to Google’s four landing centres for maintenance, or if it needs to be replaced. The sole objective of the Loon Project is to launch sufficient balloons to give total and uninterrupted worldwide internet service at low or no cost.

“In our system we use LTE which is a common protocol most telcos use worldwide. So, anyone with a smart phone would be able to access the internet. One of the key things we do is to partner local telcos. In New Zealand we partnered with Vodafone,” Google’s Mr. Cassidy said.

A project trial will take place in December this year and the country will have total internet accessibility in 18 months to two years. ICTA CEO Muhunthan Canagey, Highways and Investment Promotion Deputy Minister Eran Wickramaratna, Foreign Affairs and Telecom Minister Mangala Samaraweera, Economic Affairs Deputy Minister Dr. Harsha de Siva joined Mr Wijewardene and Mr Cassidy at the signing of the MoU.


Sourced By : www.sundaytimes.lk

SL ratifies UN Electronic Communications Convention

ICTA-led efforts to get Sri Lanka join the UN Electronic Communications Convention bore fruit, when Sri Lanka’s Permanent Representative to the UN in New York Dr. Rohan Perera deposited the Instrument of Ratification in New York last week.
This is subject to approval by the Cabinet of Ministers in early June, authorising the Ministry of Foreign Affairs to deposit the Instrument of Ratification for Sri Lanka’s entry into this only UN Convention on the subject of Electronic Commerce and Electronic Contracts, officials in Colombo said.

With its ratification the Convention will enter into force for Sri Lanka on February 1, 2016, becoming the first country in South Asia and second after Singapore to become a State Party to the Convention. Countries like Australia, Thailand, Vietnam and China are already preparing domestic legislation to ratify this Convention. Sri Lanka’s ratification of this important UN Convention was possible because the country already has the required domestic legislation, i.e. the Electronic Transactions Act No. 19 of 2006, which is based on this Convention.

ICTA’s Legal Advisor Mr Jayantha Fernando said: “This ratification will ensure greater legal certainty for e-Commerce and e-Business providers who wish to use Sri Lankan law as the applicable law and ensure international validity for such e-Contracts. This will also ensure legal validity for other international legal instruments as well as cross border funds transfers, enhancing the ability of Sri Lanka to fast track its move towards paperless trade facilitation”.

Sourced from : http://www.sundaytimes.lk

Sri Lanka ratifies UN Electronic Communications Convention, another first for South Asia

ICT Agency (ICTA)-led efforts to get Sri Lanka ratify the UN Electronic Communications Convention bore fruit, when Sri Lanka’s Permanent Representative to the UN in New York Dr. Rohan Perera deposited the Instrument of Ratification in New York recently.

This is sequel to approval from the Cabinet of Ministers obtained in June. The Cabinet approval authorised the Ministry of Foreign Affairs to deposit the Instrument of Ratification at the UN Treaty Office so as to ensure Sri Lanka’s entry into this only UN Convention on the subject of international e-Conews22

mmerce and on the use of cross border e-Contracts.

With its ratification Sri Lanka becomes the first country in South Asia and second country after Singapore to become a State Party to the Convention. Countries like Australia, Thailand, Vietnam and China are already preparing domestic legislation to ratify this Convention.

However, Sri Lanka’s ratification of this Important UN Convention was possible because the country already has the required domestic legislation, namely, the Electronic Transactions Act No. 19 of 2006, which is based on this UN Convention. The Convention will enter into force for Sri Lanka on 1 February 2016.

ICTA’s Legal Advisor Jayantha Fernando said: “The UN Electronic Communications Convention, also known as the UN Convention on the Use of Electronic Communications in International Contracts, builds on the legal principles contained in other UNCITRAL Model Law on Electronic Commerce (1996), and makes it more relevant to the Internet era.”

“Sri Lanka’s ratification of this Convention will ensure greater legal certainty for e-commerce and e-business providers who wish to use Sri Lankan law as the applicable law and ensure international validity for such e-contracts. The Convention also ensures legal validity for other international legal instruments as well as cross border funds transfers, enhancing the ability of Sri Lanka to fast track its move towards paperless trade facilitation,” Fernando added.

A UN Information Service press release, issued in Vienna datelined 9 July, stated: “Sri Lanka announced its ratification of the Convention during the 48th annual session of the United Nations Commission on International Trade Law (UNCITRAL) held in Vienna, Austria.”

The UN press release further elaborated: “The UN Electronic Communications Convention aims to enhance legal certainty and commercial predictability where electronic communications are used in relation to international contracts. The Convention addresses, among other things, the determination of a party’s location in an electronic environment; the time and place of dispatch and receipt of electronic communications; and the use of automated message systems for contract formation.”

“ It also provides the criteria to be used for establishing functional equivalence between electronic communications and paper documents – including ‘original’ paper documents – as well as between electronic authentication methods and hand-written signatures. In doing so, the UN Electronic Communications Convention builds on the fundamental legal principles and provisions contained in other UNCITRAL texts on electronic commerce, namely, the UNCITRAL Model Law on Electronic Commerce, already adopted in about 140 jurisdictions across more than 60 countries.”

Sourced by : http://www.ft.lk/