It is 2023 and Sri Lanka would not have a cyber safety authority

Sri Lanka’s Ministry of Expertise has confirmed it can have a cyber safety authority – in some unspecified time in the future.

In accordance with native media, state minister Kanaka Herath advised the Cyber Safety Convention in Colombo that efforts to create a cyber safety authority in 2023 are underneath means.

The authority is established by means of the Cyber Safety Invoice [PDF] as a part of a wider technique. The invoice is predicted to be submitted to the nation’s parliament this yr.

Sri Lanka ranks 81st out of 175 international locations within the Nationwide Cyber Safety Index. In January, it scored a 0 for defense of digital and important providers. The nation was, nonetheless, given 9 out of 9 factors for training {and professional} growth.

But, as of 2020, Sir Lanka claimed membership among the many third of nations that didn’t have some type of a nationwide cyber safety technique.

The International Cybersecurity Index in 2020 listed over half of the world’s international locations as having a pc incident response crew (CIRT) and virtually two-thirds as having some type of a nationwide cyber safety technique.

In accordance with administration consulting agency Kearney, in Asia many CIRTS play the position of de facto nationwide cyber safety businesses – for higher or worse.

The European Union developed a region-wide cyber safety technique in 2013 – however growing such a framework has been harder for ASEAN, of which Sri Lanka is a member. The area is bifurcated by having some international locations – like Singapore, Malaysia, Thailand and the Philippines – with methods in place, whereas others don’t.

In accordance with Kearney, ASEAN faces challenges in pulling collectively a unified framework “largely due to the inherent absence of an influence to legislate or veto budgets and appointments.”

“The dearth of sector-specific governance and insurance policies is a region-wide concern, leading to restricted transparency and an absence of sharing of risk intelligence,” mentioned Kearney. ®