Sri Lanka formally launched its National Cyber Security Strategy (2025–2029) on 19 September 2025 at the Bandaranaike Memorial International Conference Hall (BMICH), Colombo. The event was held under the patronage of President Anura Kumara Dissanayake and marked a major milestone in the country’s digital transformation journey, aligning national security, public services, and the digital economy under a unified cyber security vision. :contentReference[oaicite:0]{index=0}

Event Overview

The launch of the Strategy took place alongside the opening of the National Cyber Security Operations Center (NCSOC), reflecting Sri Lanka’s decision to pair long-term policy with 24×7 operational capability. The event was organized by the Ministry of Digital Economy and the Sri Lanka Computer Emergency Readiness Team (Sri Lanka CERT), with technical support from the World Bank. :contentReference[oaicite:1]{index=1}

The National Cyber Security Strategy (2025–2029) was formally presented to President Anura Kumara Dissanayake, who also serves as the Minister of Digital Economy, by Hon. Eranga Weeraratne, Deputy Minister of Digital Economy. Senior officials, including representatives from the Prime Minister’s Office, the World Bank and national digital policy institutions, also participated in the ceremony. :contentReference[oaicite:2]{index=2}

Vision and Core Objectives

The Strategy aims to build a secure, reliable and inclusive digital ecosystem that supports national development, protects citizens and strengthens public trust in digital services. It sets out a structured roadmap for 2025–2029 with several core objectives: :contentReference[oaicite:3]{index=3}

• Establishing a comprehensive legal and administrative framework for cyber security and cyber resilience across the public sector.
• Developing a skilled cyber security workforce with the knowledge and technical capacity to secure critical systems and digital services.
• Enhancing public awareness and online safety, including targeted programmes for schoolchildren and vulnerable communities.
• Improving the cyber readiness of state institutions, with clear roles, responsibilities and incident-response procedures.
• Strengthening the institutional capacity of Sri Lanka CERT as the national focal point for incident coordination and cyber threat intelligence.
• Protecting critical digital infrastructure managed by key government agencies and essential services.
• Promoting multi-stakeholder collaboration with the private sector, academia, civil society and international partners to maintain a secure cyber space.

Key Focus Areas for 2025–2029

To operationalize its vision, the Strategy defines several priority domains for the next five years:

• Governance & Policy: clear national leadership, defined mandates and coordinated governance structures to steer cyber security efforts.
• Legal & Regulatory Frameworks: updating laws, regulations and standards to address cybercrime, data protection and critical infrastructure protection.
• Critical Infrastructure Protection: safeguarding digital systems that support immigration, taxation, transport, public finance and other essential services. :contentReference[oaicite:4]{index=4}
• Threat Monitoring & Early Warning: leveraging NCSOC to provide 24×7 monitoring, early detection and rapid notification of emerging threats.
• Capacity Building & Skills Development: upskilling technical staff, public officers and decision-makers in modern cyber security practices.
• Public Awareness & Online Safety: nationwide campaigns to promote safe digital behaviour and responsible use of technology.
• International Cooperation: working with regional and global partners to share threat intelligence, best practices and standards.

Leadership Perspective

In his address, President Anura Kumara Dissanayake emphasized that Sri Lanka’s economic recovery and long-term growth depend on efficiency and transparency across all sectors, enabled by digitalisation. He noted that countries which rapidly harness advances in science and technology are able to move quickly toward the forefront of development, while those that fail to adapt risk being left behind. :contentReference[oaicite:5]{index=5}

The President underscored that cyber security is now a critical pillar of national security, economic stability and citizens’ daily lives. The Strategy, together with the operational capabilities of NCSOC, is expected to provide the foundation for a trusted, resilient and inclusive digital state.

Role of Sri Lanka CERT and Partners

Sri Lanka CERT plays a central role in the implementation of the Strategy, acting as the national coordination hub for cyber incidents, threat intelligence and technical guidance. Working under the Ministry of Digital Economy, and supported by the World Bank and other development partners, CERT is tasked with:

• Coordinating incident response across government and key national infrastructures;
• Issuing advisories, alerts and technical guidance to public and private stakeholders;
• Supporting sectoral CSIRTs and institutional cyber security teams; and
• Driving national-level capacity building and awareness programmes.

Looking Ahead

The National Cyber Security Strategy (2025–2029) provides Sri Lanka with a structured roadmap to secure its digital economy, protect public services and build public trust in online platforms. Implemented in tandem with the National Cyber Security Operations Center, it is expected to significantly enhance national preparedness, strengthen institutional capabilities and support safe digital innovation across government, industry and society.