ICTA partners APICTA 2015

ICTA Sri Lanka making a token presentation as APICTA 2015 National partner (from left) FITIS Chairman Chinthaka Wijewickrama, APICTA 2015 Co- Chairman Abbas Kamrudeen, University of Colombo School of Computing Director Prof. Gihan Wickramanayake, APICTA 2015 Co-Chairman Ruwan Amarasekera, ICTA Chairperson Chitranganie Mubarak and ICTA CEO Muhunthan Canagey

The Federation of Information and Technology Industry Sri Lanka (FITIS) and BCS, the Chartered Institute for IT, Sri Lanka Section announce that the APICTA 2015 international awards ceremony, considered the ‘Oscars’ of the information and communication technology (ICT) sector in the Asia Pacific region, will be held in Sri Lanka this time.

APICTA, the largest ICT awards ceremony in the Asia Pacific region, will be held in Colombo from November 18-21 this year, with the participation of over 650 ICT innovators, experts, investors, traders and entrepreneurs from 16 member countries.

The National partner of APICTA 2015 is the Information and Communication Technology Agency (ICTA), the apex ICT institution of the government.

ICTA CEO Muhunthan Canagey said, “This is a great opportunity for Sri Lanka to position the country among the international community. We can promote our products and services and this enables us to showcase our talents to the world. APICTA also brings leading ICT firms and professionals under one roof and we can certainly look forward to new business opportunities, investments, joint ventures and technology transfers with APICTA 2015.”

APICTA Chairman Dr. Dileepa De Silva said, “This is a great opportunity for Sri Lanka to position the country among the international communities. We can promote our products and services and this enables us to showcase our talents to the world. APICTA also brings leading ICT firms and professionals to a single place and we can certainly look forward for new business opportunities, investments, joint ventures and technology transfers with APICTA 2015”
The Asia Pacific ICT Alliance (APICTA) is an international awards programme organised by APICTA, which aims to increase ICT awareness in the community and assist in bridging the digital divide. Asia Pacific ICT Alliance (APICTA) is an alliance of national ICT organisations representing their respective countries to build and enhance a mutually cooperative network to promote ICT, enhance technology innovations, capability and adoption and encourage the development of indigenous ICT solutions for the global market. Sixteen countries in the Asia Pacific region have been members of this regional alliance, including countries with developed and established economies like Australia, China, Malaysia, Indonesia, Hong Kong, Singapore and Thailand, etc.

By providing networking and product benchmarking opportunities to ICT innovators and entrepreneurs in the region, this awards programme is designed to stimulate ICT innovation and creativity, promote economic and trade relations, facilitate technology transfer and offer business matching opportunities via exposure to venture capitalists and investors.

Apart from the APICTA Awards, the other main parallel event is the APICTA 2015 Business Forum, which will create a common platform for investors, traders and the business community to benchmark their innovations, explore possible business partnerships and investments, explore import and export market entry points and share innovative ICT solutions for business etc. A business lounge will be operated during this event and would consist of a breakfast meeting with the Japanese delegation, a panel discussion and one-to-one business match-making lounge.

Parallel to the Business Forum, a Student Knowledge Sharing Forum will also be conducted. This is expected to contribute towards the skills and knowledge upgrading of youth in tertiary and secondary education for both Sri Lankan as well as foreign students visiting Sri Lanka to attend the APICTA 2015 competition.

The events calendar for the Asia Pacific ICT Awards (APICTA) 2015 competition are as follows, November 18-20 – APICTA 2015 Awards ceremony, November 21 – APICTA 2015 Business Forum, November 20 – APICTA 2015 Students Forum and November 20-22 – Infotel – 2015 Exhibition.

Industry Knowledge Enhancement Program

Industry Knowledge Enhancement Program

Sri Lanka is fast becoming an IT hub for international business. With the opportunity of tapping into bigger international markets such as Europe, Australia, Scandinavia, South East Asia etc, the knowledge held within IT related organizations would need to become more diversified.

To facilitate this requirement, the ‘Industry Knowledge Enhancement’ programme was designed to enhance the awareness and understanding of required fields among employers and the future workforce in the Sri Lankan IT industry.

The ICTA shall fund and facilitate training programs including workshops and forums to help participants adopt the latest technologies to enhance quality and information security in career development.


• To open up the opportunities for IT industry to build capacity in priority knowledge areas which are highly required in driving for excellence.
• To cultivate the knowledge based economy via introducing new technology through internationally recognized training programs at an affordable cost.
• To enhance the quality of the existing workforce while building certified professionals in key demanded areas in international context.

In Essence

The objective of the strategy is to provide the latest knowledge to employees of the IT/ITES industry through a series of short courses which would enhance the competitiveness of the Industry.


Industry Associations

•    New technology infusion to the Industry e.g. Automated Testing, Hybrid development, Cloud technologies, Agile testing etc.
•    Mature processes – Effort estimation, Agile Development
•    Adoption of frameworks and standards e.g. Blackduck, ITIL,
•    Certified workforce e.g. CBAP, STQB, Ethical Hacker,

  • 258 professionals trained on cyber security related certifications in 2017
  • Over 1845 professionals (Since 2010) trained on key technological areas.
  • Some of the key courses were,

–    Software Effort Estimation
–    Scrum Alliance Certified Scrum Master Training
–    Hybrid Mobile Application Development Training
–    Big Data and Hadoop Training
–    Performance Testing – J Meter
–    Devops – Chef & Puppet
–    Docker

Industry Knowledge Enhancement Project2

Domestic Learning Seminars

‘Domestic Learning Seminars’ is one of the key capacity building initiatives incepted in 2009. Having adopted incremental improvement over time, the project continues to drive excellence. The project focuses on adaptation and skill enhancement of the current IT labor pool in Sri Lanka. Composed of a series of training programmes spread throughout the year, it caters to the current knowledge demand in the local IT industry. The key knowledge areas are determined by the core competencies required within the industry.

Quality code development initiative

The IT Industry of Sri Lanka is facing the issue of developers producing low quality code during the first couple of years of their career. The ‘Quality Code’ program was developed as a solution to this problem.

Industry experts along with ICTA put together a curriculum targeted at Quality Code Development, which is delivered by speakers from the industry who shall elaborate on tips and key principles needed to enforce Quality Code.

Quality Code
Building security professionals

Building Security Professional

The ‘Building Security Professionals’ project highlights the need for more IT security professionals in Sri Lanka. The initiative is directly derived from the government’s vision of building 20,000 IT security professionals in Sri Lanka by the year 2020.
The project entails a long-term plan of creating awareness and enhancing basic IT Security knowledge . The project envisions to introduce school students to IT security based careers.

Cyber Security Training Program

Country Branding and Business Promotion

Country Branding and Business Promotion

The programme is endorsed by destination branding models adopted successfully within the Tourism industry and by countries such as Singapore, India, South Africa, France, Germany and Argentina, in branding Sri Lanka with view of stimulating its export growth, attracting foreign investment and managing negative stereotyping.
The ICTA engages in overseas business/country promotion activities with the main intention of creating country branding/positioning targeting captives, analysts etc. promoting the country as a viable destination to setup an offshore operation, attracting ICT investments to the country and exploring overseas business promotion opportunities for local companies.
In achieving the target of USD 5 billion in export revenue by 2022, ICTA through the ‘Country Branding and Business Promotion’ project conducted under the Industry Development Programme, focuses on promoting Sri Lanka as a destination to source technology and skill.


•    To create visibility for the Sri Lankan IT BPM industry brand
•    To provide opportunities for local IT and BPM companies to exhibit and take part in local and international exhibitions and conferences
•    To provide opportunities for local IT and BPM companies to meet and network with potential local and international clients/partners to foster business partnerships

In Essence

The Country Branding and Business Promotion program promotes international exposure in designated countries for the domestic (Sri Lankan) ICT Industry


ICT Agency, Industry Associations, EDB, BOI, Business Chambers

•    A Sri Lankan Financial Shared Services center awarded the Winner for “Best Process Improvement and Innovation” at the Shared Services and Outsourcing Network (SSON) Australasian Excellence Awards 2016
•    Brand exposure globally (primarily targeting the demand markets such as UK, Australia, Europe, South & South East Asia)
•    ICTA’s Industry Development program has supported the industry and the industry body (SLASSCOM) in expanding its business development activities in the UK market in 2009 as well. These facilitations and engagement with the UK market helped Sri Lanka to be recognized as the winner – offshoring destination of the year 2013 & 2014 and shortlisted in 2015 by the National Outsourcing Association, UK
•    Improvement in the ATKEARNEY Rating for Offshore Destinations
•    Improvement in the Gartner Rating for Offshore Destinations
•    75 unique companies have received at least one opportunity through ICTA to be part of an exhibition or networking meeting in Australia. 80% of the beneficiary companies have either got sales, setup a partner network or established an office in Australia
•    Partnerships made with Government and trade entities in Australia

•    Sponsor of NOA Awards in 2013
•    Creation of the Sri Lanka IT BPM Destination brand
•    75 unique companies participated in networking events in Sydney, Brisbane and Melbourne
•    47 unique companies participated at CeBIT Australia during 2011-2013 & 2017
•    25 unique companies participated at Gartner Symposium and Exhibition, Gold Coast during 2013-2016
•    8 companies participated at Mobile World Congress, Barcelona, Spain in 2017
•    Country pavilion organized at Gartner Symposium and Expo, London, UK
•    Competitive Benchmarking report produced by ATKEARNEY
•    One on One meetings with 40+ Gartner Analysts

Direct/indirect exports revenue from Australia is US$ 7,000,000+ and additionally US$ 1,000,000+ as a potential sales pipeline

Overseas and Local Business Promotion

Industry consultation and analysis of industry markets is conducted to promote international exposure of the domestic ICT Industry, within designated countries. Organizing of overseas and local business promotion missions are conducted via (1) retaining a matchmaking/ PR company in the target country, to raise awareness and facilitate business links. (2) assisting ICT Associations in overseas promotion activities such as event participation and the hiring of consultants for matchmaking/ business development as well as capacity building for marketing and advertising activities., (3) facilitating overseas business/country promotion activities by working closely with international stakeholders/ network channels.
The process will include ICTA sending out an EOI to the industry seeking its interest, shortlisting delegate companies based on a selection criteria, conducting capacity building sessions targeting selected companies followed by monitoring/evaluating their pre-mission as well as on-mission and post-mission performance.
The project has led the Sri Lankan IT and BPM Sector to engage with the UK and Australian markets since 2010. Over 25 business promotion activities have been funded and supported during the 2010 – 2016 period, which includes country pavilions at the Gartner Symposium & IT Expo in UK and Australia, and business networking meetings in London (UK), Sydney, Brisbane and Melbourne (Australia) and Singapore.

Go to Market Support for IT Product Companies

This initiative was launched by the project in March 2017. The objective of this program is to subsidize the cost for local IT product companies in their efforts of seeking support for overseas business development activities for market penetration and new market development with the aim of increasing export revenue and local employment.

Process: an overseas business development activity in the form of a trade mission or exhibition must be identified by the IT product company. An IT Company which owns the IP for a software product or products developed in-house is eligible to benefit, and the applicant should provide evidence in the application (critical evaluation) that the identified activity forms part of a strategic plan to develop their business/markets and the go-to market strategy.

Go to Market Support1

Country Branding

In-line with global best practices on destination branding and AT Kearney’s recommendations to improve the overall rankings and the attractiveness as a leading destination for IT-BPM services, the Sri Lanka IT BPM brand that was created in 2014 has consistently been used to give visibility and promote the country as a viable destination for IT-BPM services and to source technology and skill.

This brand was launched as an image changing campaign, bench marking Sri Lanka against the other competing countries in the region and leveraging Sri Lanka as a knowledge hub, highlighting the hygiene factors the industry/country possesses as a competitive destination; ICTA has led a stakeholder driven approach from designing to implementing of the brand, and has been closely working with the relevant government bodies and industry associations such as EDB, BOI, SLASSCOM, FITIS, The Computer Society of Sri Lanka (CSSL) etc.

Furthermore, ICTA through the Industry Development Program has played a pivotal role in coordinating with the stakeholders of the IT-BPM industry to ensure a unified message is delivered as a nation . The brand and Sri Lanka as a destination is continuously promoted when exhibiting at country pavilions, through the dedicated website www.srilankaitbpm.com, via social media, country promotion material such as the country video, the country book and mission booklets.
And at international business community networking forums, the ICTA delivers customized presentations on Sri Lanka, highlighting the many ways the country is transforming towards a creative knowledge-based society through digitally empowered citizenship, giving rise to a conducive environment for investment and conducting of business. Meanwhile, all promotional material and country pitches are customized towards the different target groups/markets, and the country/brand is promoted during targeted roadshows, networking forums etc.






ICTA sponsors INFOTEL 2015 as National Partner

Information and Communication Technology Agency of Sri Lanka (ICTA) will be the National Partner of Sri Lanka’s flagship ICT Expo INFOTEL 2015.

The exhibition will be held from November 20 to 22 at the BMICH under the theme of ‘‘Connecting Citizens’’.

The key objective of this year’s exhibition is to showcase the latest ICT and digital innovations, harnessing the best ICT solutions to empower the future growth via multiple career guidance events on an ICT platform.

ICTA, the apex ICT institution of the Government, has been mandated to take all necessary measures to implement the Government’s Policy and Action Plan in relation to ICT industry. ICTA is required to assist the Cabinet of Ministers in the formulation of the National Policy on ICT and provide all information necessary for its formulation. ICTA, which is wholly owned by the Government of Sri Lanka, implemented the e-Sri Lanka Development Project under which significant progress has been made.

FITIS Chairman Chinthaka Wijewickrama said the salient feature of this year’s event is the incorporation of many progressive features. They are a unique addition to the selection on offer.

“A noteworthy feature is the demarcation of a special Shopping Area, where ICT products and services will be on sale at reasonable prices and with a comprehensive warranty for the benefit of visitors to the INFOTEL–2015Exhibition. “Visitors to this event can see for themselves and personally experience the newest, state-of-the-art technology in relation to computer software and hardware, Big Data, Mobile Computing, Cloud Computing, Digital Signature and Computing Gaming.

“INFOTEL–2015is the only key platform in Sri Lanka which brings together under one roof Chief Executives, eminent professionals and decision-makers in the ICT sphere, apart from entrepreneurs, educationists, students from schools and universities and people from all walks of life. It will be more focused towards the country’s national growth and increasing IT literacy”.

“As the biggest ICT-related happening, this event draws lakhs of visitors every year. It is the biggest show in the ICT sector. At INFOTEL–2015, there will be over 300 exhibition and trade stalls. What will be unique is that the exhibition will not be limited to showcase ICT products and gadgets, but will be one of international standards and a meeting place for corporates, buyers, sellers, recruiting companies, career seekers and IT enthusiasts alike, the FITIS Chairman said.

INFOTEL–2015 will also offer the opportunity for organizations the world over to participate in having their stalls and products displayed at this event. It is an ideal platform for ICT stakeholders in Sri Lanka and other international countries to explore and capitalize the new growth and wealth creation opportunities in the country, he said.

Sourced by : http://www.dailynews.lk

New laws to curb cyber crimes

The government is drafting new laws to address emerging crime trends involving cyberspace as they cannot be curtailed under the existing legal framework. The CID Computer Crimes Division is to establish 22 new units under each SSP division to address computer related crimes.
The need for Internet privacy laws is felt when the norms of data protection are violated, said Jayantha Fernando, Programme Director, ICTA, emphasizing that Sri Lanka has no specific laws on Internet privacy.
Fernando said that the government has begun policy level discussions at the initiative of ICTA on Internet privacy laws and data protection. He said the process of formulating the draft is in progress.
Privacy laws count on how information is collected, processed and transferred to the third party, he said.
The Computer Crimes Division of the CID set up under the Computer Crimes Act 2007 deals with an increasing number of complaints on email scooping and privacy violations. The division has investigated over 100 on internet related crimes, including 50 complaints of cyber deformation, 21 complaints related to obscene publications and another 22 related to email hacking this year.
Another 2,000 complaints involving Facebook and Twitter were reported to the Computer Emergency Readiness Team (CERT) in the first seven months of this year. Most incidents had occurred on Facebook, and primarily involved in the use of fake profiles, Senior Security Engineer of CERT, Roshan Chandragupta said.

He said that people are affected in different ways through internet. Some are threatened with information related to the victim, some are harassed sexually, some are blackmailed for money, and some are even bullied to the point of death.
However, CERT limits their assistance to IT related options. Further legal action would have to be resorted externally, he said.
He said “there were many people who had been affected by impersonators on social media. Some are not aware where to complain and had, therefore, not made a complaint in relation to fake profiles.”
“Current laws make it difficult for us to bring in the culprits” claims an investigation officer attached to the Computer Crimes Division of the CID.
“For example, there were many incidents that are reported in which an aggrieved party shares the contact details of another party. Usually, the victim is a former girlfriend of the culprit who does that to avenge her. This does not fall under deformation law, as there is no defamation, so it becomes difficult for us to bring the culprit to book”, he said.
The Computer Crimes Division lacks officers to carry out work. The division has no branches. However, the CID is in the process of training more officers, CID Director SSP.R Nagahamulla said.
With new plans to establish branches, the CID is in the process of selecting officers to be trained on computer related investigations.
“We need 120 personnel. Training takes time. We have assigned new officers to be trained on investigations under officers in the Computer Crimes Division” he said.
Following a proposal made by the Law, Order and Prison Reforms Ministry, a Hi-tech Crime Unit will be established under the purview of the IT division of the Police to look into the issues in concern with Cyber Crimes, said Police Information Technology Division ASP Damayantha Hettiarachchi.
“The unit will assist the police to find digital forensic evidence to the complaints received on cyber-crimes whilst general Police officers cannot analyse electronic evidence,” the ASP said.
The Police Department lacks electronic devises. The department is in the process of purchasing standardised equipment to track offences to continue investigations.
A standard operation procedures will be used to gather electronic evidence.
There are 10 IT labs under the Police IT division. Another 12 labs will be opened soon, but there are only limited Police officers certified by the IGP to look in to forensic electronic evidence, he said.
Pointing out that the Budapest Convention is an effective tool for law enforcement, ASP Hettiarachchi said “The Council of Europe will attend the Cyber Crime Meet to be held in Sri Lanka this week. They will provide assistance to train police officers to enhance their IT capacity. IT experts will conduct training programmes at the Kalutara Police Training College for law enforcement officers”
In 2015, Sri Lanka was invited to join the European Cyber Crime Convention. The Foreign Affairs Ministry together with the ICT Agency (ICTA), has fast-tracked Sri Lanka’s entry into the Council of Europe (CoE) Cyber Crime Convention also known as the Budapest Convention.

“The Budapest Convention on Cyber crime, seeks to address Internet and computer crimes by harmonising national laws, improving investigative techniques and increasing cooperation among nations,” Fernando said.
Sri Lanka has overtaken Philippines, Costa Rica, Argentina, Mexico, South Africa and several other countries in the process towards joining the Budapest Cybercrime Convention. Sri Lanka becomes the first Country in South Asia to join the Cybercrime Convention, which is the only international treaty on cyber crimes globally, he said.
“This is a significant policy breakthrough for Sri Lanka. It will create a whole new possibilities with regard to cyber crimes. The Criminal Justice Authority can investigate and prosecute offences,” he said.
It is an obligation of the Budapest Convention to open 24/7 contact points in Sri Lanka to get mutual assistance from other member countries when dealing with cyber incidents, he said.
Sri Lanka has to think about the strategy on data privacy and data protection to introduce laws compatible with European and other international standards, ICTA Programme Director Fernando said.
The benefit of the convention is that all will be compelled to adhere to the data protection and privacy safeguards. Privacy laws are important where investors from Europe or other countries will look at how information provided is protected in Sri Lanka.
Referring to maintenance of the data privacy, Fernando said many internal steps that can be taken to ensure privacy, suggesting that the government and private authorities should adopt common internal privacy policies. Organizations or companies offering services on Internet should state their privacy policies in their home page. The companies should have policies to safeguard information collected from those organizations.
“Data owners and the companies will have greater comforts when dealing with various organizations, he said.
Fernando said the government needs to take more efforts to educate people on the need to ensure privacy and respect the privacy of the fellow people.

Sourced by : http://www.dailynews.lk

National framework for cyber security vital: Eran




By :Himal Kotelawala

A national framework for cyber security, including the establishment of an institutional framework, must be developed in order to handle cyber security incidents, Deputy Minister of State Enterprise Development Eran Wickramaratne said on Tuesday.

Speaking at the eighth Annual National Conference on Cyber Security, the Deputy Minister said the country needed to form national-level cyber strategies in order to handle security incidents at an organisational, industry, and national level.

“In recent times, many developed countries have suffered cyber-attacks as a result of ‘unstructured’ security organisation. The protection of Critical National Information Infrastructure such as the LGN must be a national priority and sufficient policies and procedures, infrastructure and personnel must be deployed to ensure its smooth functioning,” he said.

According to ICTA, the LGN, or Lanka Government Network Project, is a secure underlying information infrastructure backbone that connects all the government organisations (initially 325 locations in three phases) in a “cost-effective and secure manner to provide internet, email and IP based voice services.” The project sought to address basic hardware and LAN network needs of the connecting government organisations including but not limited to providing WAN connectivity to the LGN Hub.

Government accountability and significance of security

Commenting on the role ICT could play in Government accountability and the significance of security in this regard, the Deputy Minister noted the importance of government officials corresponding with officially assigned email accounts, as opposed to using Gmail or some other personal email address.

“Using personal email addresses means that there is no public traceability or memory of what has officially been done. Take for example the lack of documentation regarding what happened during the previous Government’s tenure. There is little to no traceability of accountability for what took place behind closed doors. Thus we must put in place protocols and capacities to deal with email correspondence,” he said.
Right to Information plus strong ICT

Right to Information (RTI) coupled with strong ICT could also play a part, going to the extent of fighting corruption, he said, adding that, for example, there was no reason why the Government couldn’t share information about how contracts are awarded.

“The Government should put out the requisite information on its websites and make it accessible to the public. Moreover, by putting it up online, it saves time for the public who no longer have to demand this information. It also saves time for the public sector who no longer have to divulge information on a piece-meal basis,” the Deputy Minister said.

Government commitment to developing IT

Emphasising the Government’s commitment to developing ICT, Wickramaratne said that Sri Lanka is attempting to develop a modern economy to integrate with the global economy and succeed in the world.

“Just as we are building physical highways, we need to build information highways. Just like we are concerned for safety and security in the physical world we live in, we need safety and security in the virtual world. We cannot simply limit ourselves to the physical world, because significant portions of our lives and activities are transacted in the virtual world. Thus, an understanding of the virtual world is important to succeed, as a people and as a country,” he said.

Good security practices and the development of security infrastructure must be part of the strategy to provide such a secure environment for the country, he added. Hence, the need to form national-level cyber strategies and develop a national framework for cyber security.
e-Sri Lanka initiative

Commenting on the impact made by the e-Sri Lanka initiative, Wickramaratne said the project helped strengthen cyber security in the country.

“When the e-Sri Lanka project was envisaged, cyber security was thought of as simply a legal framework. It was through the e-Sri Lanka program that we were able to put in e-laws to provide cyber security. However, as the project subsequently developed, cyber security was institutionalised, and that is how CERT (Computer Emergency Readiness Team) Sri Lanka was born,” he said.

e-Sri Lanka, according to the Information and Communication Technology Agency (ICTA), utilised ICT to develop the economy of Sri Lanka, reduce poverty and improve the quality of life of the people through a six-program strategy which encompassed ICT policy, leadership, and institutional development, information infrastructure, re-engineering government, ICT human resource development, ICT investment and private sector development, and e-Society.

Catching up for lost time

The Deputy Minister further said that the UNP-led Government sees as its task to fast-track Sri Lanka into a position of success and to bring knowledge and competence in ICT.

“We have to catch up for time lost during the past 10 years, and compensate for the people who lost focus of ICT development,” he said.

The challenge, he added, was not understood, and as a result the public sector is significantly behind and Sri Lanka is, therefore, vulnerable due to its lagging behind.

“Strong cyber security and information platforms are not just a luxury to strive for; it is fundamental to our country’s operation. Whether we think about fighting against corruption, or for good governance, or economic development, understanding and strengthening our presence in the virtual world is essential,” he said.

Wickramaratne added that it was crucial to support CERT’s model of conducting educational activity on cyber-safety across the country, setting a national level framework on cybercrime forensics, and helping law enforcement agencies with investigations.

“It is important for all of us to continue to support this model, and help it develop accordingly with the dynamic global situation. Indeed, we all have a role to play,” he said.

Private sector support

The Deputy Minister also called on the private sector to provide guidance to the State sector in developing strong ICT infrastructure, adding that he was personally striving to reform public enterprises by developing strong ICT infrastructure.

“The private sector has made investments at a higher level, and thus have a more sophisticated ICT architecture. The public sector is lamentably lagging behind and there is an urgent need to bridge this gap. The government will look to you for guidance and the way forward,” he said.

Pix by Lasantha Kumara

Sourced by: http://www.ft.lk

Microimage celebrates 20 years in an evening of true spirit

Top row: From left CEO Harsha Purasinghe, ICTA Managing Director Muhunthan Canagey, and Malaysia OMESTI Bhd Executive Director Mah Xian Zhen. Second row from left Microimage COO Suren Rupasinghe, Dialog Axiata Group CEO Dr. Hans Wijayasuriya and SLASSCOM Chairman Mano Sekaram

Microimage, the company that started as a high-school startup and built through sheer determination and passion, celebrated its 20th anniversary at a warm and cherished event on 7 October evening.
The significance of this event was the heartfelt gratitude and appreciation shown to all those who were a part of the company’s humble, yet incredible journey.
The evening kicked off with CEO Harsha Purasinghe showcasing the journey of their proprietary software, the very first Sinhala Unicode Keyboard, Helawadena, a collaboration between the ICTA, Microsoft and Microimage making Sinhala, Tamil and numerous other language ‘keyboards’ ubiquitously available. The initial Microimage product was given a small space in a store (at Majestic City) owned by another small startup, EPSI. Ironically, the owner of EPSI was none other than Muhunthan Canagey.
Canagey, Head of ICTA, ‘remembered’ and shared this journey with the audience. “I am extremely proud to be standing here acknowledging the success of Microimage. Harsha and I have come a long way together and achieved many accomplishments together. I am more than proud to have been a part of this journey.”
Next, it was COO Suren Rupasinghe who spoke about Sri Lanka’s pioneering Human Capital Management (HCM) solutions: developing time and attendance, and payroll software for the manufacturing sector. Despite rejections and disappointments, the company only strived harder and launched the HCM8R2 which ended up as a game-changing experience to the HR industry.
The company was proud to service a large established growing client base across the region, deploying in seven markets, which includes Sri Lanka, Maldives, India, Singapore, Malaysia, Bangladesh, Pakistan, Brunei and Saudi Arabia.
Harsha then spoke about the company’s foray into the international arena tying up with Asia-based OMESTI Group.
This strategic partnership with Microimage was intended to bring leading edge Human Capital Management (HCM) solutions to Asian markets. Known as MIHCM (Microimage HCM) Asia, the new venture used Kuala Lumpur as a launch pad to deliver proprietary HCM solutions to South East Asia and beyond, leveraging on the regional networks of the OMESTI Group.
Executive Director of OMESTI Bhd, Mah Xian Zhen, who had flown down especially for the occasion paid a glowing tribute to the Microimage team and their plans to enter the East Asian countries like Cambodia, Thailand, Myanmar, and Indonesia.
Meanwhile Microimage was transforming from being just another provider of desktop language software into a very successful software research and development company focusing on providing innovative solutions in key product lines such as human capital management software solutions, enterprise software solutions, and mobile solutions/software localisation.
At this point, Mano Sekaram, Chairman of SLASSCOM, aptly summed up the Microimage story by saying that despite all the hardships faced along the way due to various industry shortfalls, the company did not give up hope but flew the flag for Sri Lanka at every tech forum, locally and internationally, bringing pride and recognition to this country. “Every successful company has to have a soul, and Harsha is the heart and soul of Microimage.”
Seeing an opportunity to get into mobile media, the company then started developing a radio automation software which turned out to be the mission-critical innitiative for radio operations.
Today, Microimage Mobile Media powers all key radio networks and the leading DTH TV operators. Microimage Mobile Media Broadcast platforms are now marketed in other regional countries as well.
During this time, Microimage introduced ebooks via the BookHub to Sri Lanka in collaboration with Dumindra Ratnayaka (ex-Etisalat) and Rajiva Gunasena of Gunasena Bookshops. They did not stop there but went on to develop a music app called ‘Thaala’ to facilitate legal music downloads, which was launched together with Dialog Axiata’s music service offering.
Dr. Hans Wijayasuriya, Group CEO of Dialog Axiata, said: “Whilst we live in an era of disruption, and breaking down things yesterday to do things today, it is heartening to see a company that has risen from humble beginnings to become one of the biggest successes in this country today.”
Apart from making game-changing software, Microimage veered into social innovation with the first-ever disaster and early warning solution called DEWN. This a world class social innovation that emerged after the Indian Ocean tsunami was a great collaboration between Dialog Axiata, Microimage and the University of Moratuwa’s Dialog Research Lab. This is currently deployed with the Disaster Management Centre of Sri Lanka.
Today, Microimage Holdings has become the umbrella organisation that oversees all of its diversifications including Microimage Impact. This new arm will engage in various social impact initiatives and all revenue generated from this social venture will be put back into fostering social ideas towards social impact harnessing the power of technology.
Giving an insight into the future of Microimage, Harsha outlined plans of their new office in Sydney, Australia and Dubai.
The biggest announcements of the evening were the HCM15 version, which was demoed through a beautiful video and mStudio 3.0 poised to revolutionise the broadcast industry as never before, as Microimage continues making headway beyond the shores of Sri Lanka.

Sourced By : www.ft.lk

Towards a digital economy in Sri Lanka

mc 2

ICTA MD/CEO Muhunthan Canagey

ICT Agency of Sri Lanka Managing Director/CEO Muhunthan Canagey shared his views on Sri Lanka’s role on cyber security at the EC Council Cyber Security Summit 2015.
Canagey explained that Sri Lanka is taking leaps in developing the infrastructure for a digital economy.
“The new Government’s aim is to get all state buildings linked across the country. A project is been carried out for linking up 3,500 state buildings with 100 megabyte connectivity to each other and to an information back bone of 100 gigabytes across all 25 districts. This means any state official would be able to work across any of the state buildings irrespective of the location they are in. So if you have an appointment at the Ministry of Finance and afterwards let’s say you have to go for a meeting at the Ministry of Foreign Affairs or our ministry; with the same login you would be able to work across all ministries. Now that’s the type of environment we are bringing in,” he said.
“While we do that, we are also ensuring that the citizens will be able to engage themselves in Government related services. These are all e-services and by 2018 we intend to have the entire Government’s services available as e-services for citizens, allowing them get all their services across mobile platforms. That’s the vision we have to move forward. The next step that the ICTA will actually take is to work forward along with the financial institutions in the country to develop the national payment platform for Government payments; starting with the Sri Lankan customs as the first payment service. This would allow citizens to tap all bank accounts into one app and be able to make transfers and payments across all Government portfolios,” he added.
Digital economy entails many security challenges. These cannot be dealt by the Government or any institute alone. Information security is an ongoing process which requires people, process and technology to align together.
“These services all sound fancy and as the way to move forward. But on the other side we have to consider the cyber security aspects. While we keep opening our doors, there are more threats coming in. The SL-CERT, a subsidiary of ICTA does an enormous amount of work in ensuring citizens are protected on a day-to-day basis. They have large volumes of hacks that are reported to them daily. ICTA takes cyber security very seriously and we are the first in South Asia to enter the Budapest Convention; the cross-border contractual agreements which will be taking place in this regard,” he stated.
He further explained the importance of having a cyber security culture within organisations in Sri Lanka. All technological measures to safeguard information assets in organisations would fail if the concept of cyber security is not instilled within the organisation and its employees.
“We need to bring cyber security into our lives, our culture because everything we do is going to be online and in the future, we really need to take this area forward. We are planning to implement the National Security Operations Centre (SOC) by March 2016,” he added.
Canagey also pointed out that it’s time for organisations to start investing in the skills of young people who have high technical knowledge and know-how of hacking.
“The drive towards cyber security will be a key focus. When I say that, I look into this audience and I see very senior people. There are also young men and women from different state universities this afternoon. Nevertheless, the average age for cyber security cult is 15. So this is not anymore about men and women but this is about boys and girls who have to take over this space. These young people have great hacking capabilities; they do a great job and want to be a part of ethical hacking. We need to get a lot more youth involved in this space. That’s the commitment expected from you in the industry as professionals and business leaders. You will have to bring into the organisations, these very young people to deal with cyber security because they know how hacking works, they know how to play these games, and they are some of the greatest tools and assets that organisations can have in terms of cyber security. We could facilitate but these young people can really do a good job,” he emphasised.
During a panel discussion Canagey discussed the role played by ICTA to encourage organisations to integrate cyber security into their culture.
“ICTA is not an organisation. It’s a facilitator to the industry irrespective of whether they are state or private sector organisations. We are taking great efforts to make organisations aware of cyber security issues. Private sector organisations need to realise that our competition is no longer local but is global. So if Sri Lanka is to move forward to revolutionise the digital infrastructure and go into the global space, we need to start thinking different,” he said.
Discussing the factors preventing Sri Lanka from following proper standards whether in the payment industry, COBIT or Stock Exchange Canagey said; “Standard is a motion that has to come from the top and that’s the type of culture we want. The level of education has to be improved for this. For instance, in the banking industry we will be bringing forward non-collateral based lending. That is one area where the Minister and Ministry of ICT is going to work very closely.
Let’s say you want to start a software company and you want to take a loan and they ask you to bring your mother’s or father’s house as collateral, which is not fair. This is what we need to change but not just for IT; the whole eco-system needs to change. There’s a multi-strategy that needs to work out. Let’s not worry about what has happened in the past. Let’s move forward. Let’s incubate and accelerate a knowledgebase economy, get rid of collateral based lending and also build-in a culture that incorporates youth and develops policy making. We should change this culture to bring in technological revolution in this country.”


Sourced By : www.ft.lk

Experts share key insights to overcoming cyber security challenges



By :Kiyoshi J Berman

The third annual Cyber Security Summit organised jointly by the Daily FT and CICRA Consultancies concluded successfully on Tuesday with a record participation of over 300 representatives from the private and public sector as well university students.

The main objective of the summit held at the Cinnamon Lakeside was to create awareness over the importance of cyber security and to provide top officers in the private and public sectors and IT professionals with best practices in acquiring, implementing, managing and measuring information security postures of their organisations as well as equipping them with countermeasures. The summit also highlighted the current flaws in information security that affect businesses. Discussions and presentations revolved around some of the most malicious attacks and potential threats in the security field.


The inaugural session featured new Minister of Telecommunication and Digital Infrastructure Harin Fernando as the Chief Guest and International Telecommunication Union Asia Pacific’s Senior Advisor Sameer Sharma as the Keynote speaker. Summit’s National Partner ICT Agency Managing Director Muhunthan Canagey and Central Bank Governor Arjuna Mahendran were the Guests of Honour.

The technical sessions featured top experts from CISCO and Microsoft, who were also the Strategic Partners of the Summit and several others. The full-day summit was followed by ‘Night Hack’ – an innovative and informative evening, showcasing the immediate and potential threats and dangers posed by cyber criminals today. Following are highlights from the presentations made at the technical sessions.

Threat intelligence for cyber security 

Srikanta Prasad, Principal Consultant Cisco Security India delivered a presentation on ‘Threat Intelligence for Cyber Security’. Srikanta explained Cisco’s global security intelligence operation known as Talos. It has been named after a giant bronze man in Greek Mythology who protected Europa from pirates and invaders.

In the history of the mitre CVE project for the last 15 years, only 75,544 Common Vulnerabilities and Exploits have been detected. Yet we come across and average of 1.1 million malware per day and this keeps increasing. The threat landscape indicates 19.7 billion total threat blocks daily which accounts to 82 thousand virus blocks, 181 million spyware blocks and 818 million web blocks, he mentioned

Further he further explained that the multi-tiered defence is the way to address these rising threats. “Intelligence powers everything, we pull in tons of data, Intel helps consolidate and make sense of that data. Detection research then utilises that data to fuel all the security products they support. They have reverse engineers, malware analysts, domain reputation, and spam experts take that distilled data and turn it into something actionable.

“Development works on engines that help deliver our intelligence to all the platforms. Either APIs, backend engines that detect known and unknown threats, or actual infield detection engines that are deployed on platforms. They are fuelled by the intelligence and the under fire experience of the response team. The vulnerability development are the zero day hunters, they help us find new threats before the bad guys do, make sure our response teams know about them so they are covered in the products so our customers are protected, and work on new and innovated ways to help protect our customers through the development of mitigations for classes of vulnerabilities.”

Srikanta also mentioned about a few new exploit kits, their functionalities and emphasised why organisations should collaborate to share intelligence data and the part AGEIS, Talos’ partner program, takes in this effort.


Cyber security: Before it becomes an agenda 

The next presentation was by Pierre Noel, the Chief Security Officer and Advisor for Microsoft in Asia spoke on the topic of ‘Cyber Security: Before it becomes an Agenda’.

“What do cyber criminals, hacktivists and terrorists have in common? They have no rules. Let’s talk about what is not working. Just because you have a very nice firewall, do you think these people will stand and attack your firewall while you watch laughing? Of course not! They will find other ways to attack you. They have no rules. If they think your security is really strong but still wants to attack you, it’s very easy. They are going to find a system administrator of the organisation then find his wife, put a girl in front of the system administrator and give a thumb drive and say put that thumb drive to the network of the organisation. That’s the way it works. As the Chief Security Officer, I should be right 100% of the time but they only have to be right one time.”

Having explained the types of malicious hackers out there and how implementing technology alone will miserably fail you, Pierre said: “I’m the Chief Security Officer but I prefer to be called the Chief Resilience Officer. My job is to make sure that no matter what attack they make we are resilient; we go back to business as quickly as possible. We have this philosophy at Microsoft called ‘Assume Breach’. We work on the assumption that the bad guys are there and will succeed which is a much safer assumption that believing that we’re protected all the time. We have a very different perspective and we do pretty well.”

“Organised crime communities are ones you should truly worry about. There is one thing you need to understand, around five or six years ago the organised crime community realised that they could get a lot of money out of cybercrime. We then saw a development inside these organised crime communities. They started recruiting people to develop vulnerabilities, to create malware, to weaponise malware and operate command and control servers. Today, it’s currently accepted that organised crime is making more money in cybercrime than in selling drugs,” he explained.

Emphasising on another current problem Pierre said, the location with the highest ransomware encounter rate in 2Q14 was Russia (0.81%), followed by Italy (0.59%) and Kazakhstan (0.55%). Unlike with many other types of malware, the distribution of ransomware has been highly concentrated geographically, with almost all ransomware encounters taking place in Europe, western Asia, North America, and Oceania. Ransomware encounters were virtually unknown in Central and South America, Africa, the Middle East, and eastern and southern Asia.

Adaptive security architecture 

Vivek Srivastava, Security Lead Commercial for India and SAARC CISCO spoke on ‘Adaptive Security Architecture’.

“Cisco delivers intelligent cyber security for the real world, providing one of the industry’s most comprehensive advanced threat protection portfolio of solutions and services that are integrated, pervasive, continuous and open. Cisco’s threat-centric approach to security reduces complexity, while providing unmatched visibility, continuous control and advanced threat protection across the entire attack continuum, allowing customers to act smarter and more quickly – before, during, and after an attack.”

“With sophisticated threats to any infrastructure, customers are feeling three big challenges. These are, changing business models and attack vectors. How do we maintain security posture and compliance as our IT landscape when mobility, cloud, the Internet of everything – is changing? Secondly the dynamic threat landscape. How do we improve our ability to continuously protect against new attack vectors and the increasing sophistication of threats? And finally the complexity and fragmentation of security solutions. How are we going to work on the first two problems and reduce complexity in our environments at the same time? The combination of these dynamics has created security gaps, broken the security lifecycle and reduced visibility. It also creates increased complexity and management challenges,” he mentioned.

He further explained how you achieve this simplified, more holistic, more scalable model. “The answer is to focus on three strategic pillars across the entire attack continuum and ultimately your entire security system. One is to drive complete visibility, secondly insist on a laser-focus on threats, and thirdly look at how integrated platforms substantially reduce complexity while increasing your ability to scale and provide consistent control. So, why are these three areas so important?

“Being visibility driven is required because you must be able to accurately see what’s really happening in your environment to gain knowledge about your environment and threats. Visibility needs to come from the network fabric, endpoints, mobile devices, virtual environments and the cloud. The more you can see, the more you can correlate this information and apply intelligence to understand context, make better decisions, and take action – either manually or automatically. Next is to be threat focused.

“Policies and controls are important to reduce the surface area of attack, but threats still get through. You need to focus on detecting, understanding and stopping threats. With advanced malware and zero day attacks this is an on-going process that requires continuous analysis and real-time security intelligence, delivered from the cloud that is shared across all products for improved efficacy.

“You have to be platform based. Security is now more than a network issue; it requires an integrated system of agile and open platforms that cover the network, devices and the cloud. These platforms need to be extensible, built for scale and centralised management for unified policy and consistent controls. Customers will move from deploying simply point security appliances to integrating a true platform of scalable, easy to deploy services and applications.”

Impact of Budapest Cybercrime Convention on laws in Sri Lanka

Jayantha Fernando, Program Director and Legal Advisor of ICTA Sri Lanka spoke about ‘Impact of Budapest Cybercrime Convention on Laws’.

“Sri Lanka was invited to join the Budapest Convention this year. We are the first in South Asia to join this Convention which is valid from 1 September 2015. This is a framework to support successful investigation of cybercrime offences and help law enforcement and judicial cooperation at international level,” he said.

Info sec and cybercrime are inter-related; these are two sides of the same coin. Legislation covers the cybercrime areas of computer related crimes where computers used as a tool to commit other offences such as theft, cheating, misappropriation etc. Hacking that affects integrity, availability and confidentiality of a computer system or network. This also includes the spread of malware. And finally, content related cybercrime where computers with internet used to distribute illegal data such as internet-based pornography, criminal copyright infringement, he added.

The Budapest Convention is a solution to deal with legal implications of cybercrime. It’s a combination of three elements. Criminalising conduct that includes illegal access, illegal interception, data interference, system interference, misuse of devices fraud and forgery, child pornography and IPR-offences. Procedural tools for expedited preservation, search and seizure as well as interception of computer data and it enables international cooperation extradition.

Mobility and cyber security

Brian Kealey, the Country Manager for Sri Lanka and Maldives for Microsoft, delivered a presentation on ‘Mobility and Cyber Security’.

“When I think about mobility what it really means is mobility of experience. My data, my persona, my identity, all those things follow me on any device from a $ 25 Raspberry Pie to right through to another device, a large screen. The idea that I can start on one and finish it on another device. It’s about being able to work from anywhere with a connection. With that in mind, what do we do from a security and resilience perspective? We still design fortresses. We put firewalls, security devices, IDSs and secure them. But once you let people inside it’s not a fortress anymore,” he said.

He explained: “60% of the consumer electronic devices are sold in emerging markets and most of them are not built to be connected to the internet but increasingly they are. When these electronic devices are connected to the internet there are security issues. The other day when I was driving, my Apple watch vibrated and said it has an update available. So now my watch is connected to my phone and the phone is connected to the cloud. It’s going to download software from up there. Is that software reliable, secure, is the system is end-to-end to make sure it’s not trapped in my information because by the way, when you send me a text message, it comes up on my watch so it also has my data, my schedule and who I speak to. You got a huge challenge in this aspect.”

“Having said that, he pointed out that we are seeing a shift from cybercrime to cyber espionage. Countries attacking countries, warfare, and terrorism is on the rise. You think that attackers are targeting the Fortune500 but no, it’s any organisation, any small organisation. We are historically worried about malware and vulnerabilities but what we’re actually seeing now is credential theft and scams, so hacking into websites, getting people’s logins and misusing them is commonplace.”

He emphasised that these threats cannot be completely eliminated. From the Microsoft’s perspective, these issues can be addressed in three steps. First is to ruin the economic model of the attacker, second is to take away the fields we know that is to break the attack playbook and the last one is to eliminate the vectors of attack.

Angels vs. Demons: The good, bad and the ugly

The final presentation of the summit was by Krishna Rajagopal, CEO of AKATI Consulting Malaysia. Krishna’s topic ‘Angels vs. Demons: The Good, Bad and the Ugly’ was cleverly taken from two movie titles to emphasise some basic security perspectives.

“We think we are the angels, hackers are the demons. Then what happens is the hackers think, they are the angels and you’re the demon. So what happens within the organisation? The vendors think they are the angels and you’re the demon and the other way around. This is what I want to shed light on,” he said.

“There was a group selling their software called Galileo for infecting machines, intercepting communications and pretty much anything and would sell it to anybody. In Malaysia, we had four clients interestingly. We had the anti-corruption agency which is fine because they want to investigate, we had the police which is fine, then we had the Prime Minister’s department and some other company which was not even known. So the company that was not even known was spying on the other three to see who they were spying on. This was very interesting to see the original name for this company was ‘Hacking Team’ but after July 2015, we called them the Hacked Team because they were massively hacked. Every single customer that was using their product was released. This was 37 countries that were buying from them. These companies were buying exploits from underground, illegal criminals and selling it to countries. So who’s the angel and who’s the demon? Is it lawful or unlawful?

“The best part of the story was that these companies thought that this was the company which was producing these software. They didn’t know that this company was actually outsourcing the whole thing. This company called Kylax was actually creating these zero-day exploits. This is interesting because the countries don’t know about Kylax, they think the Hacking Team develops it, and Hacking Team thinks the one who developed it was Kylax themselves. But Kylax had outsourced it to underground freelancers. the part they didn’t know was that Hacking Team made a backdoor into every single customer that were 37 countries been monitored by Hacking Team while they were busy monitoring other people. This is a double trouble. In this whole equation it’s hard to say who the angel is and who the demon is,” he added.

Krishna also took findings from the famous Ashley Madison website hack to point out that cybercrime can even cause physical deaths, because in this incident four suicides had been reported. After a very entertaining session of latest exploits, Krishna concluded stating that the defence in-depth method is one powerful strategy to defend against cybercrime.

CISCO and Microsoft were the summit’s Strategic Partners while ICTA was the National Partner. The Telecommunications Partner was Sri Lanka Telecom, the Official Payment Gateway Partner was LankaPay, the Official Insurer was Continental Insurance, Official Printers were OfficeMax, LSP, the creative partner was Triad, and the Electronic Media Partners were LearnTV, TV Derana, FM Derana and Ada Derana. The Hospitality Partner was Cinnamon Lakeside.

Several leading and corporate social responsibility-savvy firms came forward to equip university students with the latest knowledge on cyber security.

The Summit saw over 50 students from Jaffna, Sabaragamuwa, Kelaniya, Sri Jayawardenepura and Colombo Universities being enriched with global and local expert presentations on cyber security threats and solutions as well as the future of the ICT industry in Sri Lanka as well as internationally.

The companies which sponsored participation of these students were CIC Holdings Plc, Citi Bank, Carson Cumberbatch Plc, Expolanka Holdings Plc, Vallibel One, Akbar Brothers, People’s Bank, HNB, Access Engineering and Pan Asia Bank.

Sourced by : http://www.ft.lk

Harin to create “digital democracy” with cyber security protection

– Says vulnerability of businesses and individuals to cyber attacks are increasing and ICTA will give highest priority to counter the threat
– Identifies cyber security protection as part of “good governance” .
– New Govt. will also focus on soft infrastructure and not only hard infrastructure to make Sri Lanka globally competitive.
– Cybercrime costs the global economy over $ 400 billion per year.
– 90% of companies worldwide recognise they are insufficiently prepared to protect themselves against cyber attacks.

By Shiran Illanperuma

The new Telecommunication and Digital Infrastructure Minister Harin Fernando yesterday committed to creating a society of digital democracy with cyber security protection for which all stakeholders must unite.

“ I believe that regulators, operators, academics, vendors in communication and IT industries need to work together towards our common goal of creating a society of digital democracy that is protected by cyber security,” Harin told the opening session of a packed third annual Cyber Security Summit held yesterday by the Daily FT and CICRA Consultancies.

“Cyber security preparedness is a national cause that should be supported by all stakeholders through numerous Private-Public Partnerships,” he said, commending the joint initiative in this regard by Daily FT and CICRA.

Over 300 private and public sector representatives as well as young professionals and graduates attended the full-day summit which featured a host of global and local experts.

Having shared the latest data on the global incidents and threat of cyber security, the Minister said it was clear that around the world, including in Sri Lanka, the vulnerability of businesses and individuals to attacks was increasing and would continue to increase in the future with the increased move to digital platforms.

He said ICT played a catalytic role today, where it underpins the development of entire societies. Businesses have gone online and societies have become networked by means of ICT. Within this context, cyber security plays a key role and should be regarded as the highest priority, with its power to potentially paralyse an organisation as well as play havoc with people’s lives.

Fernando said the Global Risks 2015 report, published in January by the World Economic Forum (WEF), shockingly stated that “90% of companies worldwide recognise that they are insufficiently prepared to protect themselves against cyber attacks.” Furthermore, cyber crime costs the global economy over $ 400 billion per year, according to estimates by the Center for Strategic and International Studies.

“The way to counteract this is, as we continue to increase the e-literacy in our country and develop our ICT infrastructure, it is also important to enforce and implement effective cyber security framework simultaneously,” the Minister said.

Earlier in the year, Sri Lanka participated in the Council of Europe Convention on fighting cybercrime, which was a two-day European Union funded International Conference on ‘Assessing the Threat of Cybercrime’.

Budapest Crime Convention

In September Sri Lanka also became the first country in South Asia and second in Asia after Japan to become a state party to the Budapest Cybercrime Convention. This international treaty effectively addresses internet and computer crime by harmonising national laws, improving investigative techniques and increasing criminal justice cooperation among nation states to effectively combat the threat against cybercrime.

“So we assure that the Government is on the right track and is committed to good governance, of which cyber security is a part,” the Minister said.

“The current Government, with its emphasis on soft infrastructure as opposed to hard infrastructure, has given due attention to cyber security and will continue to do so in the future as well,” said Fernando, who is the youngest Minister in the new Cabinet.

He said that the ICTA, which was the national partner for the Daily FT-CICRA Summit, is committed to formulating policies and the required legal framework.

“Then it is the responsibility of each of us where we all have to work together to ensure that cyber security policies and guidelines are enforced and adhered to by all. Further, organisations need to take responsibility to report breaches so that the Government can take action to strengthen security measures,” Harin added.

“As the new Government, we will make aggressive efforts in planning to further enhance this modern ICT infrastructure with the efficient cyber security measures in place simultaneously in order to make Sri Lanka globally competitive,” the Minister said.

He also encouraged local businesses to consider cyber security as a key area and develop expertise in the domain.  “It will be another avenue of business that we can explore,” Fernando added.

At the summit, International Telecommunication Union (ITU) Regional Office Asia Pacific Senior Advisor Sameer Sharma delivered the keynote address on ‘Building Security and Trust in Cyberspace’.

Guests of Honour, Central Bank Governor Arjuna Mahendran and ICT Agency Managing Director/CEO Muhunthan Canagey, also spoke.

Those who made expert presentations were Principal Consultant, Cisco Security, India Srikanta Prasad, on ‘Threat Intelligence for Cyber Security’; Chief Security Officer and Advisor for Microsoft in Asia Pierre Noel on ‘Cyber Security: Before it becomes an agenda’; Security Lead – Commercial, India and SAARC, CISCO Vivek Srivastava on ‘Adaptive Security Architecture’; Jayantha Fernando, Program Director and Legal Advisor, ICTA Sri Lanka on ‘Impact of Budapest Cybercrime convention on laws’;  Brian Kealy, Microsoft Country Manager for Sri Lanka and Maldives on ‘Mobility and Cyber Security’,  and Krishna Rajagopal, CEO, Akati Consulting, Malaysia on ‘Angels vs. Demons: The Good, The Bad and The Ugly’.

The full-day summit was followed by ‘Night Hack’ – an innovative and informative evening, showcasing the immediate and potential threats and dangers posed by cyber criminals.

CISCO and Microsoft were the summit’s strategic partner while ICTA was the national partner. The telecommunications partner was Sri Lanka Telecom, the Official Payment Gateway Partner was LankaPay, the official insurer was Continental Insurance, official printers were OfficeMax, LSP, the creative partner was Triad, the electronic media partners were LearnTV, TV Derana, FM Derana and Ada Derana while the hospitality partner was Cinnamon Lakeside.

Sourced by : http://www.ft.lk