Key Milestones

February 2020

The Root CA of the National Certification Authority. ( ) is the highest level Certification Authority in Sri Lanka. The National Certification Authority (NCA) is the overall governance as well as the standard setting entity to facilitate the smooth and effective functioning of Certification Service Providers (CSPs).

July 2018

The launch of the Nation’s first National Information and Cyber Security Strategy was a major milestone in the history of Sri Lanka CERT. The five-year implementation plan (2019-2023) of the strategy is currently in progress.

January 2018

Sri Lanka CERT obtained operational independence from ICTA to function directly under the Ministry of Telecommunication and Digital Infrastructure, and Foreign Employment.

June 2016

The Computer Security Incident Response Team for the Education sector (EduCSIRT) was established with a mandate to respond to cyber security related incidents in the education sector, and to conduct capacity building activities for ICT teachers in schools.

September 2015

Sri Lanka became a state party to the Council of Europe’s Convention on Cybercrime (ETS 185 of 2001). This was a historic policy achievement, as Lanka became the first country in South Asia (the 2nd country after Japan, in Asia) to accede to the Convention.

June 2014

Together with the Central Bank of Sri Lanka and the Sri Lanka Bankers Association, successfully established the Financial Sector Computer Security Incident Response Team (FinCSIRT), whose mandate is to receive, review, process and respond to computer security incidents affecting Banks and Financial Institutions in Sri Lanka, whilst escalating unresolved issues to Sri Lanka CERT|CC.

July 2011

In order to reflect the establishment of industry sector-based CSIRT’s in the country, Sri Lanka CERT transformed itself to being a CERT Coordinating Centre by successfully applying and obtaining authorization to be included in the global CERT listing as a Coordinating Centre.

June 2009

Obtained the membership of the Forum of Incident Response and Security Teams ( ) which is an international body of trusted computer incident response teams who cooperatively handle computer security incidents and promote incident prevention programs.

March 2008

Obtained the membership of Asia Pacific Computer Emergency Response Team ( ) which is a trusted network of computer security experts in the Asian region whose aim is to improve awareness and competency in relation to computer security and to develop measures to deal with large-scale security incidents.

July 2006

Sri Lanka CERT was established as a subsidiary of ICTA