15th February 2017 Colombo, Sri Lanka
Staying safe in cyberspace
The UK and Sri Lanka are both island nations. This doesn’t mean much, however, when it comes to cyber security.
Earlier today, I addressed a group of nearly 50 Chief Information Officers and IT Directors from across the Sri Lankan civil service. This was as part of a project the UK is funding with our Sri Lankan partners Information and Communication Technology Agency (ICTA) and Computer Emergency Readiness Team (CERT) to improve cyber security capabilities and support development of a national cyber security strategy.
The ICT sector is Sri Lanka’s fifth largest revenue earner. It’s also the critical vector for many other revenue earners, such as tourism, where bookings and payments are increasingly done online. The UK is Sri Lanka’s third highest source of tourists, so increasing online tourist consumer protection is a good example of where what’s good for Sri Lanka is good also for the UK.
Because if you don’t know someone who has had their email hacked, or received a phishing email trying to steal your passwords, you are both unusual and very lucky. Cybercrime is the fastest growing global crime threat. Cyber attacks are one of the top four threats to UK national security, costing the UK economy an estimated £34 bn a year.
Cyber-attacks continue to increase in frequency, severity, and sophistication: 65% of large British businesses reported a cyber breach or attack in the past 12 months. Every day a UK firm or organisation’s website is compromised by hackers or another form of cyber attack. Sri Lanka is not immune to this threat: there have been several high profile website hackings in recent months.
None of us can defend ourselves on our own. The only way to stay even one step ahead of the scale and pace of the threat we face is through a team effort.
On 14 February, Her Majesty The Queen opened the UK’s new National Cyber Security Centre, a Government centre of excellence which will work hand in hand with industry and academia to keep the UK safe from cyber-attacks.
But cybercriminals operate across borders, and we can only defeat them if we co-operate across borders.
That’s why Sri Lanka’s accession to the Budapest Cyber Crime Convention in September 2015 was so welcome. Budapest is the first international treaty to address internet and computer crime. And Sri Lanka was the first country in South Asia to join. Budapest aims to keep us all safer by harmonising national laws, improving investigative techniques, and increasing cooperation among nations. By expanding that partnership into South Asia, Sri Lanka’s accession helps protect us all.
The UK has developed world-leading cyber security technologies. Our cyber security market is the third largest in the world after the US and Japan, and contributes to building a more trusted and resilient digital environment around the world.
The UK Cyber Security Strategy sets out all our thinking, and brings real meaning to these international partnerships through targeted funding. The project I was speaking at this week will also build Sri Lankan capacity to investigate cyber crimes and ensure the right people benefit from the best international training programmes on web app penetration testing and ethical hacking, hacking forensics investigation, mobile device security and so on.
Critically, it will also support public information campaigns: we all need to take responsibility for keeping ourselves and our data secure.