ICTA MD/CEO Muhunthan Canagey
ICT Agency of Sri Lanka Managing Director/CEO Muhunthan Canagey shared his views on Sri Lanka’s role on cyber security at the EC Council Cyber Security Summit 2015.
Canagey explained that Sri Lanka is taking leaps in developing the infrastructure for a digital economy.
“The new Government’s aim is to get all state buildings linked across the country. A project is been carried out for linking up 3,500 state buildings with 100 megabyte connectivity to each other and to an information back bone of 100 gigabytes across all 25 districts. This means any state official would be able to work across any of the state buildings irrespective of the location they are in. So if you have an appointment at the Ministry of Finance and afterwards let’s say you have to go for a meeting at the Ministry of Foreign Affairs or our ministry; with the same login you would be able to work across all ministries. Now that’s the type of environment we are bringing in,” he said.
“While we do that, we are also ensuring that the citizens will be able to engage themselves in Government related services. These are all e-services and by 2018 we intend to have the entire Government’s services available as e-services for citizens, allowing them get all their services across mobile platforms. That’s the vision we have to move forward. The next step that the ICTA will actually take is to work forward along with the financial institutions in the country to develop the national payment platform for Government payments; starting with the Sri Lankan customs as the first payment service. This would allow citizens to tap all bank accounts into one app and be able to make transfers and payments across all Government portfolios,” he added.
Digital economy entails many security challenges. These cannot be dealt by the Government or any institute alone. Information security is an ongoing process which requires people, process and technology to align together.
“These services all sound fancy and as the way to move forward. But on the other side we have to consider the cyber security aspects. While we keep opening our doors, there are more threats coming in. The SL-CERT, a subsidiary of ICTA does an enormous amount of work in ensuring citizens are protected on a day-to-day basis. They have large volumes of hacks that are reported to them daily. ICTA takes cyber security very seriously and we are the first in South Asia to enter the Budapest Convention; the cross-border contractual agreements which will be taking place in this regard,” he stated.
He further explained the importance of having a cyber security culture within organisations in Sri Lanka. All technological measures to safeguard information assets in organisations would fail if the concept of cyber security is not instilled within the organisation and its employees.
“We need to bring cyber security into our lives, our culture because everything we do is going to be online and in the future, we really need to take this area forward. We are planning to implement the National Security Operations Centre (SOC) by March 2016,” he added.
Canagey also pointed out that it’s time for organisations to start investing in the skills of young people who have high technical knowledge and know-how of hacking.
“The drive towards cyber security will be a key focus. When I say that, I look into this audience and I see very senior people. There are also young men and women from different state universities this afternoon. Nevertheless, the average age for cyber security cult is 15. So this is not anymore about men and women but this is about boys and girls who have to take over this space. These young people have great hacking capabilities; they do a great job and want to be a part of ethical hacking. We need to get a lot more youth involved in this space. That’s the commitment expected from you in the industry as professionals and business leaders. You will have to bring into the organisations, these very young people to deal with cyber security because they know how hacking works, they know how to play these games, and they are some of the greatest tools and assets that organisations can have in terms of cyber security. We could facilitate but these young people can really do a good job,” he emphasised.
During a panel discussion Canagey discussed the role played by ICTA to encourage organisations to integrate cyber security into their culture.
“ICTA is not an organisation. It’s a facilitator to the industry irrespective of whether they are state or private sector organisations. We are taking great efforts to make organisations aware of cyber security issues. Private sector organisations need to realise that our competition is no longer local but is global. So if Sri Lanka is to move forward to revolutionise the digital infrastructure and go into the global space, we need to start thinking different,” he said.
Discussing the factors preventing Sri Lanka from following proper standards whether in the payment industry, COBIT or Stock Exchange Canagey said; “Standard is a motion that has to come from the top and that’s the type of culture we want. The level of education has to be improved for this. For instance, in the banking industry we will be bringing forward non-collateral based lending. That is one area where the Minister and Ministry of ICT is going to work very closely.
Let’s say you want to start a software company and you want to take a loan and they ask you to bring your mother’s or father’s house as collateral, which is not fair. This is what we need to change but not just for IT; the whole eco-system needs to change. There’s a multi-strategy that needs to work out. Let’s not worry about what has happened in the past. Let’s move forward. Let’s incubate and accelerate a knowledgebase economy, get rid of collateral based lending and also build-in a culture that incorporates youth and develops policy making. We should change this culture to bring in technological revolution in this country.”