CSIRT Sri Lanka: Cyber Security for Banking Systems


Local media has been covering the launch of Bank CSIRT (Computer Security Incident Response Team) yesterday, and at ReadMe we take a look at what it does and how it affects us as users of the local banking system.

What is CSIRT?

CSIRT is a collaborative effort between the Central Bank of Sri Lanka, Sri Lanka Banks Association, CERT Coordination Center (Computer Emergency Readiness Team) and Lanka Clear. The main goal is create a collaborative environment in tackling cyber security.

How it operates

CSIRT operates a platform where member banks of Sri Lanka Banks Association have access to. This platform allows quick sharing of information across all stakeholders. The goal is to share information about possible threats, fraud information and possible vulnerabilities. Also, it plans to act as a responder during cyber emergencies such as a hack. CSIRT also plans to introduce security standards to local industry which would help standardize the local e-security infrastructure used by banks.

Although information sharing is a major aspect of this new initiative, sharing of customer information (that’s us) would not happen according to the people involved in this.

How it affects us

As users of the local banking system, we would not see any immediate changes to the way we interact with Banks. But we could more than ever have the peace of mind about the security of our e-banking activities and our personal information stored inside the banking system. The long term benefits of this initiative would be greater due to our increasing dependencies on internet banking and ever-increasing threats from cybercriminals. In the future, the bank robbers caught on CCTV cameras would give way to blokes hiding in a basement hacking away at our accounts stealing money. Efforts like CSIRT are necessary to keep them at bay and it’s an encouraging first step towards keeping our banking system secured.


Please enter your comment!
Please enter your name here