These are services which are triggered by events that are capable of causing adverse effects on a constituents Cyber Systems. Examples are Spam, Virus infections and unusual events detected by an Intrusion Detection System.

Incident Handling

This service involves responding to a request or notification by a constituents that an unusual event has been detected, which may be affecting the performance, availability or stability of the services or cyber systems belonging to that constituents. There are many types of Incidents. Some typical examples are:

  • Malware (Viruses, Trojans, Backdoors, etc)
  • Website Defacement
  • DoS Attack
  • Phishing
  • System Compromise
  • Hate/Threat Mail
  • Identity/Information Theft

Sri Lanka CERT | CC will perform steps to identify the incident and rate the severity of that incident. The constituents will then be advised on how to contain the incident and eradicate the cause. Once the systems are fully recovered, Sri Lanka CERT | CC will submit a comprehensive Incident Report detailing the nature of the incident, steps taken to recover from the incident and recommended preventive measures for the future. Sri Lanka CERT|CC however will not support the investigation of hate mail or threatening e-mails. Further, social media related harassments and misinformation are not considered as Cyber Security incidents. Sri Lanka CERT | CC will not cater for these types of issues. Victims are advised to take legal action through Sri Lanka Police in such situations.

These services are designed to educate our Constituents on the importance of Information Security and related topics ranging from Information Security Fundamentals and best practices to more immediate issues, such as the latest cyber threats and attacks.

Alerts & Advisories

This is service that provides early warning signals to the Constituency regarding Computer Viruses, Hoaxes, Security Vulnerabilities, Exploits and other security issues, and where possible, to provide short-term recommendations for dealing with the consequences of such attacks.
Currently, alerts are posted on Sri Lanka CERT | CC website and Facebook page. Constituents may also join the mailing list by subscribing to receive alerts via e-mail.

Seminars & Conferences

These services are provided with the intention of raising awareness about the most current Information Security issues, Security Standards and best practices. The aim is to help Constituents to significantly reduce the probability of being victims of a cyber-attack. Seminars can even be tailored to address specific Information Security related issues through special requests.
These events may incur a charge, particularly if they are organized at the request of a constituents, depending on the number of participants, resource persons employed and venue etc.

Workshops

These services are also aimed at increasing the Constituency’s awareness of Information Security. However, unlike Seminars, these are more technically oriented and targeted at IT professionals, who perform daily tasks related to Information Security. Workshops will be arranged regularly, or on request, by Sri Lanka CERT | CC for its constituents addressing general topics. If desired, constituents may submit specific Information Security related topics, so that the workshops are tailored to their needs.
These events may incur a charge, particularly if they are organized at the request of a constituents, depending on the number of participants, resource persons employed and venue etc.

Knowledge Base

The Knowledge Base is a passive service offered by Sri Lanka CERT | CC to interested Constituents through documents, articles, news items, etc. published on the Sri Lanka CERT | CC website and the Media. The aim of this service is to provide a range of Knowledge Resources to the Constituency, enabling anyone from a home user to an IT professional to find useful information to help boost their understanding of Information Security. A glossary is also made available and will be updated to reflect terminology used in the IT industry.

These services are aimed at providing Constituents with a means of determining the adequacy of their Information Security systems, and (if found necessary) to take necessary steps to strengthen its defences.

Technical Assessment

This service is aimed at reviewing and analysing the security infrastructure and procedures adopted within an organization based on the experience of Sri Lanka CERT | CC's Information Security Team and certain predefined parameters. The end result is a detailed report on the weaknesses of the client organization's current ICT infrastructure, where improvements need to be made and how such improvements should be implemented. These services may come at a charge, depending on the size of the ICT infrastructure, depth of the investigation and time required for the assessment.

Advisory for National Policy

This is a service that is performed by Sri Lanka CERT | CC as an obligation to the nation. As the primary authority on Information Security in Sri Lanka, Sri Lanka CERT | CC is responsible for developing, introducing and enforcing Information Security Standards to its constituency.