President to launch National Cyber Security Operations Centre in Sept

By PRANAVESH SIVAKUMAR   

The National Cyber Security Operations Programme, under which as many as 40 government sites with outdated technology and weak passwords will be protected and secured, is to be launched next month, under the auspices of President Anura Kumara Dissanayake, an official from the Sri Lanka Cyber Emergency Readiness Team (SLCERT) told Daily Mirror.   

The programme would also coincide with the launch of the National Cyber Security Strategy for 2025-28, in the third and fourth week of September, SLCERT Senior Information Engineer Charuka Damunupola, said.   

“The two main events that will eventually line up all these critical information systems, protection of government information systems – all these would be set up after the inauguration of those two events,” he explained.   

Adding that, “mainly, we are looking at onboarding 40 state sites at the National Cyber Security Operations Centre (NCSOC). NCSOC would be actively tracking cyber threats within government organisations. We are looking to launch in the third and fourth week of September.”   

Right now, we don’t have an active mechanism to detect cyber threats affecting the system. In future, it will be 24/7. Right now, it is only a reactive measure – after the incident, we investigate, and we suggest recommendations. This is the main idea behind the security operations centre, he explained.   

This launch was prompted after aforesaid number of sites were found with outdated technology, weak passwords and vulnerable to cyber-attacks.   

In the last year alone, there were eight cases related to government website hacking, including document printing, the meteorology site, the education ministry site and a few other provincial-level sites.   

Explaining the causes, “In every case, what we’ve understood, their technology stack used to develop is very outdated. These sites have been updated or had security patches for so many years. That’s the main reason. They’re using very old technologies, and vulnerabilities are large. They also have undergone a vulnerable assessment process recently”.