Risk Management for Cybercrime in Sri Lanka

Sri Lanka and Cyber Security

To ensure a free, open, and secure Internet in Sri Lanka, the Internet Society Sri Lanka Chapter has played a significant role. Digital technologies are now seen as a key component of social infrastructure because of how widespread their dependence is. To remind them of the effects of such Internet limitations, the Sri Lanka Chapter collaborated closely with the government, media, academics, private sector, and general public. Cybercriminals are known to choose Sri Lanka as a soft target. The highest encounter rate in the region, according to the 24th edition of Microsoft's Security Intelligence report, was in Sri Lanka, where it was 283% higher than the global average and 229% higher than the Asia Pacific average. Cryptocurrency mining malware, where cybercriminals seek illegitimate profits by using victims' computers to mine cryptocurrency coins like Bitcoin, has increased. The analysis found that Sri Lanka had 100% more ransomware incidents than the rest of the world. However, Sri Lanka saw 109% more malware encounters than the average worldwide country, despite the fact that the global malware encounter rate has dropped by 34%. The proliferation of the Internet of Things (IoT) and access to connectivity have also prepared the path for cybercrime, making cyberattacks important factors in international relations. Higher-ranking members of a hierarchical organization must understand the value of proactively avoiding hazards and reducing those risks if they are to be resilient.


CyberSecurity Bill

As a result, Sri Lanka proposed the Cyber Security Act as part of the National Cyber Security Strategy of Sri Lanka, which is currently being finalized by the Sri Lanka Computer Emergency Readiness Team (SLCERT). This act provides a comprehensive framework for effectively preventing and managing cyber security threats and incidents as well as safeguarding critical information infrastructure. To increase public understanding about cybersecurity, the Sri Lanka Chapter collaborated closely with the Ministry and CERT|CC.

A draft bill on cybersecurity was released for public comment for the first time ever in Sri Lanka, and the Ministry of Digital Infrastructure and Information Technology (MDIIT) and the Computer Emergency Readiness Team and Co-ordination Centre (CERT|CC) requested the public to comment on it.
The objectives of the proposed Cybersecurity Bill are to:

  • Assure that Sri Lanka's National Cybersecurity Strategy is effectively implemented.
  • Prevent, mitigate, and respond efficiently and decisively to cybersecurity risks and incidents.
  • establish the Sri Lanka Cybersecurity Agency to enhance the institutional framework for cybersecurity
  • Protect the essential infrastructure for information.

Strengthening Sri Lanka's Cyber Security: Recommendations


  • Private-Public Partnership

The Cyber Security Act will serve as a single point of contact for information on cyber security in Sri Lanka and will give required guidance to public and commercial enterprises on related issues. The public should be educated, an uniform information-sharing policy should be adopted, and efficient methods for achieving cyber-readiness should be developed in order to encourage tighter cooperation between private and public organizations. New technologies can increase accountability and transparency, but they can also give authoritarian governments new ways to monitor its subjects and create a safer online environment in Sri Lanka. To build a reliable, trustworthy cyber security ecosystem and give residents access to the advantages of digitalization, the government plans to establish a government CERT (GCERT), or a digital government protection unit, a Citizen CERT, and a Military CERT. In order to teach residents about e-literacy, the government should organize workshops with Computer Emergency Response Teams (CERTs) based in Sri Lanka, such as TechCERT, SLCERT, and FINCSIRT. Educating the populace about the consequences of data breaches, how to detect and report a cybercrime, and the effects of a national cyberattack would be beneficial for Sri Lanka in a number of ways.

  1. Being an investment in education, in that by raising awareness among more people, it will help grow cyber defense teams.
  2. Through cyber security education programs, people in Sri Lanka can learn how to safeguard their online identities and exercise caution when using the internet. These programs raise awareness of the dangers and opportunities that the digital era presents.
  3. Generating more chances for people to engage in politics and the workforce.

  • Enhancing Cyber Diplomacy

In order to protect national interests in cyberspace, cyber diplomacy involves the use of diplomatic tools and the execution of diplomatic tasks. In order to tackle cyberwarfare, nations should form strategic alliances and participate in multilateral activities to implement collective actions and work together against shared dangers. By fostering collaboration and elevating cooperation, vulnerable states who are ill-equipped to deal with cyberthreats would have the chance to learn from advanced ones.

Conclusion

Sri Lanka is devoted to comprehending the significance of cyber security and defending the future of cyberspace, and it is counting on the support of important players in the field. Therefore, Sri Lanka has the capacity to develop and carry out new policies to establish a more secure cyber environment by establishing and enhancing cooperation between key actors with the implementation of private-public partnerships, enhancing cyber diplomacy, and cyber security education programs.

References

cld/en/treaties/strategies/sri_lanka/lka0001s.html
Article/defence_article/837

Comments

Post a Comment

Popular Posts