An exciting story unfolded highlighting some significant events that lead to a hacking of a leading bank in the region to a packed audience on 22 September at Hotel Galadari, organised by The Management Club of Mt. Lavinia.
Making his point, Wasantha Perera, a security professional explained why these key events are important in the case relating them from technical to management issues that allowed hackers to go unnoticed until they complete the mission. During his 30 minute presentation he set the ground for the panel discussion held with industry experts moderated by TMC Mt Lavinia Immediate Past Chairman Ashoke Baddage who stimulated the panellists to open up key cyber security related issues in Sri Lanka.
In setting the platform Ashoke requested the panellists to provide more focus on issues related to Sri Lanka so the discussion will help the audience from various industries in banking, manufacturing and services, to state sector to learn why cyber security is important to board rooms.
The panellists were Sri Lanka CERT Chief Executive Officer Lal Dias, National Data Center Consultant Dr. Tariq Marikar, Sri Lanka Parliament Director IT Mahesh Perera and Colombo Stock Exchange Security Consultant and Adviser Wasantha Perera.
In answering questions, Dias mentioned the focus and the plans from a government perspective in order to face imminent cyber attacks at national level. He also discussed setting up of a 24x7 Security Operation Centre that could help its stake holders, mainly government agencies to seek help in relation to cyber crime.
Mahesh Perera highlighted key initiatives that the parliament has taken in recent past in digitisation of the Parliament and the importance of cyber security when delivering the public services. He stressed the point that pure IT security systems alone cannot prevent possible cyber attacks and the responsibilities of users and adoption of proper governance inside organisations.
Dr. Tariq Marikar took the discussion from National Data Center point of view why and how this could help government agencies to prevent attacks on their websites. In recent past there were multiple attacks on key Government websites that were hosted in various places. These attacks may damage the reputation of these organisations. He also explained how public services could be deployed at a lesser cost and increased efficiency.
Questions were asked as to how corporates in Sri Lanka could be educated on the roles and responsibilities at the board level and answering the question Wasantha Perera said various forums are discussing this at length and senior management of companies are yet to understand the seriousness of security at policy level rather that leaving the issue as yet another IT investment.
The panel also discussed the role of a Chief Information Security Officer commonly known as CISO in Sri Lanka and it was revealed that this is still new to our corporates and immediate attention is needed for this before it’s too late. In conclusion, moderator Ashoke Baddage summarised the discussion as to why cyber security should be a board room discussion and the session was well received by the audience.