• Regulatory authority to oversee standards in public and private sectors 

The Ministry of Digital Economy stated that new cybersecurity laws, which are currently being drafted, would make it mandatory for both private and public institutions to implement an annual compliance readiness strategy on cybersecurity. When contacted by The Daily Morning yesterday (24), Ministry Secretary Waruna Sri Dhanapala said that cybersecurity efforts had so far largely been handled by the Sri Lanka Computer Emergency Readiness Team (SLCERT), but that a new Cybersecurity Regulatory Authority would be established under the proposed laws.

He said the new authority would be granted regulatory powers over both public and private institutions. “There are both proactive measures to avoid cyber crimes and also what to do after such an event,” he said.Dhanapala added that the proposed legislation was based on a Bill initially drafted in 2019, but several new sectors had since been added due to the rapid rise of social media-related and cyber-related offences. “Under this, the measures and regulations relating to cyber war crimes in the international domain will also be regulated,” he said.He further said that institutions failing to comply with the regulations could face fines and mandatory consultations.