Sri Lanka is on a digital transformation journey, driven by increased smartphone accessibility and COVID-19. However, the nation faces a significant challenge: the need to prioritize cybersecurity as a strategic imperative rather than just a technical concern. Recent cyber incidents, like the ransomware attack on the "gov.lk" domain, highlight vulnerabilities in the government's digital infrastructure and erode public trust.
To achieve its digital goals and become more citizen-centric, Sri Lanka must ensure that all public-sector touchpoints are digital. The government's ability to respond to cybersecurity threats effectively relies on three pillars: people, processes, and technology. Cultivating a culture of security is crucial.
The geopolitical dimension is also vital, as sensitive government data may be accessed by state or non-state actors. The time it takes to detect and contain breaches is concerning. Similar incidents globally emphasize the importance of cybersecurity in safeguarding national security.
Legally, Sri Lanka has taken steps to protect citizen data with the Personal Data Protection Act and the upcoming Cyber Security Bill. However, awareness of cybersecurity's implications must extend beyond legal compliance.
In an era of blurred digital and physical boundaries, a robust cybersecurity stance is not an option but an imperative.
