Sunday Dec 15, 2024
Thursday, 3 November 2016 00:00 - - {{hitsCtrl.values.hits}}
By Hiyal Biyagamage
Telecommunication and Digital Infrastructure Minister Harin Fernando yesterday called for greater public-private partnerships to mitigate increasing cybercrimes and threats.
“Today, critical infrastructures such as transportation, electricity, water supply and healthcare can be targeted by cybercriminals. Therefore, all public and private institutions need to work together to form a public-private partnership for capacity building in law enforcement and the Judiciary as well as training and dealing better with cyber attacks. This should be high on the agenda,” the Minister said at the Annual National Conference on Cyber Security yesterday,
“Cyber crimes cannot be handled by isolating ourselves. There has to be extensive cooperation and coordination, both internally and externally. The old divided lines between defence and security law enforcements, the Judiciary, public and private are invalid when it comes to dealing with cyberspace. Therefore, governments need to coordinate activities across ministries and departments with the help of a broad national cyber security strategy. This whole process needs the involvement of private entities as well,” stressed Fernando.
The Annual National Conference on Cyber Security has been organised for the 9th consecutive year by the Sri Lanka Computer Emergency Readiness Team (Sri Lanka CERT | CC) and ICTA Sri Lanka. Every year, the conference attracts local and international cyber security experts. This year’s conference was hosted under the theme of ‘Security vs. Privacy: a balancing act?’.
Minister Fernando also said cyber security threats were increasing day by day and it was important that Sri Lanka got its own National Security Operations Centre (SOC) for cyber security. Back in August, Fernando said that the Government would invest more than Rs. 1 billion to develop the facility and ICTA CEO Muhunthan Canagey confirmed Minister’s roadmap for the National SOC, confirming that the tenders are already out for the project and ICTA would map the best practices of international cloud advocates to build it. He also said that Sri Lanka would become an ICT-driven nation and cyberspace would be a major medium of service delivery.
“The national security strategies adopted by most countries have made mitigation of cyber security manipulations a top priority. It is a global problem and therefore needs a global response. The exchange of information and analysis of cyber attacks to harmonise legal definitions and legislations for cyber conflicts is an absolute necessity. Therefore, the establishment of partnerships with the global community is of paramount importance to successfully fight cyber criminals and strengthen Sri Lanka’s cyberspace,” he said.
he added, “Becoming a state party in the Budapest Convention in September 2015 brings many benefits for Sri Lanka. This includes the establishment of a 24/7 high-tech crime unit within Sri Lanka whose whole role will be to relentlessly disrupt serious organised crimes and reduce numerous cyber threats in Sri Lanka. Citizens and companies should be encouraged to report crime more often since they cannot be solved if they are not reported in the first place. It is important to create awareness for Government departments as well as the general public, in order to identify different types of cybercrimes.”
Fernando suggested several steps at the conference that should be practised by everyone to help Sri Lanka’s journey towards making cyberspace more secure.
“We have to recognise that it is the responsibility of the Government to ensure that national networks are secure and have not been penetrated. To achieve this, national cyber activities need to be coordinated at the district, provincial and institutional levels. Centralised bodies such as Sri Lanka CERT, law enforcement agencies and legislation should focus on areas where it has particular competence such as protecting critical infrastructure as well as coordinating legal structures, regulatory compliances for managing networks, consumer protection, privacy and anti-terrorism.”
“The national security policy will be needed to extend the cyber security agenda in order to take the message to people that cyber security is compatible with individual rights, privacy and freedom of speech. The national security and defence policy can be used to further strengthen Sri Lanka’s cyber security agenda and this policy should also ensure that military operations and civilian missions are protected against cyber attacks. Cyber defence should be made an active capability of the country as a whole. It is crucial that Sri Lanka shares their experiences with neighbouring countries in order to coordinate better cyber security activities,” Fernando said.
The Government has already closed the largest-ever information system tender for a National Digital Identity system budgeted at $ 100 million to provide every citizen with a cryptographic private key. With that and several other initiatives in the pipeline to increase the connectivity of citizens, Fernando fears that a rise in cyber threats is also imminent.
“With projects like the digital identity card, digital wallet and distribution of 500,000 tablets for students coming up, Internet penetration will gradually increase. This will pave the way for different types of cyber threats. It is our duty to educate Sri Lankans and show them how these cyber threats could be mitigated. The Internet is a brilliant tool if you know how to use it wisely. It is our responsibility to teach society and kids how to do that,” stated Fernando.
National cyber security strategy
Speaking at the conference, Sri Lanka CERT Chief Executive Officer Lal Dias said the internet continued to be a powerful tool in shaping the future of Sri Lanka and the entire global economy.
“Modern technology and the internet have enabled remarkable innovation, collaboration and growth. At the same time, information security professionals are playing a central role, ensuring cyber security,” he said.
The national cyber security strategy will be announced later this year and will identify the methods of hostile attacks that can disrupt cyberspace as well as large-scale cyber crimes perpetrated by well-organised cyber criminals, Dias told the audience. He ensured that the significant increase in the level of organised cyber crimes globally and how they were going to affect Sri Lanka would be looked upon and discussed as a top priority.
“As we continue to roll out e-Government services, the chances of having Government services compromised will get bigger. The national cyber security strategy sets out the Government’s approach to strengthening Sri Lanka’s cyber security strategy and is supported particularly by the proposed establishment of the National Cyber Security Operations Center. Through this, the Government has committed to substantially invest to protect and promote Sri Lanka in the digital world. This will help Sri Lanka tackle cybercrimes and make Sri Lanka a safer place to do business within cyberspace and to be more resilient towards cyber attacks, creating a more stable and vibrant cyberspace for the Sri Lankan public.”
Cybercrimes are borderless and cyber criminals threaten Sri Lanka from different locations across the globe. International collaboration will be a vital part in mitigating these risks. Sri Lanka becoming a fully-fledged member of the Budapest Convention on Cybercrime was one step towards that, he stressed.
“The Budapest Convention is the first international treaty seeking to address internet and computer crime by harmonising national laws, improving investigative techniques and increasing cooperation among nations. This signals our willingness to support other countries to tackle this global phenomenon. In addition to this, SLCERT is a member and the national point of contact for both the Asia Pacific CERT and the Forum for Incident and Response Security Teams (FIRST), which are the regional and global organisations respectively for coordinating cyber security activities,” said Dias.
Estonia Ambassador Riho Kruuv delivered the keynote address at the Conference which also featured several international and regional speakers.
Pix by Sameera Wijesinghe