LMDtv 2
In the process of achieving digital dependence, cybersecurity has emerged as the invisible backbone of national security. “You can’t have a functioning economy or defence system without a stable cybersecurity foundation,” the Regional Director of eSec Forte Technologies Lanka Rosharn Amarasinghe asserted, on a recent edition of LMDtv.
He explained that cybersecurity extends far beyond technical installations or firewalls, and is a national responsibility that’s built on policy, collaboration and vigilance.
“It’s not simply about installing machines or running software. You need clear policies to identify your data, secure it and ensure national safety – especially in critical infrastructure,” he elaborated.
Amarasinghe said that traditional warfare defined by physical borders and military might has given way to invisible cyber battles, which are being waged across networks and devices.
“A 14 year old sitting at home would be able to compromise a system simply because an organisation had one small flaw,” he warned.
And Amarasinghe cautioned that cybersecurity threats rarely target one system in isolation: “If even a remote employee’s device is compromised, it can become a gateway to critical networks where military data, company databases or consumer information can be stolen in one strike.”
Asked whether Sri Lanka is adequately prepared to face major cyber threats, he said that it’s work in progress. “While we have made notable investments in systems and infrastructure, the challenge lies in awareness and coordination,” he observed.
According to him, effective cybersecurity requires collective action.
Amarasinghe asserted that “you need stakeholder support from all parties – the military, nonmilitary, and political and government institutions. There are some isolated efforts but we’re still working in silos.”
He added that continuity of policy is essential: “We can’t have cybersecurity strategies changing with every government. Policy stability is most important.”
The government has already taken positive steps, including launching a new national cybersecurity policy framework, Amarasinghe opined. However, the focus must now be on implementation and consistency.
“It’s necessary to continue the same cybersecurity policies regardless of political changes. We have strong entities such as the Sri Lanka Computer Emergency Readiness Team (Sri Lanka CERT) to support both public and private institutions but continuity will define long-term success,” he maintained.
Amarasinghe believes that integrating cybersecurity into school curricula and university programmes is essential but not sufficient: “We have plenty of talent in Sri Lanka but much of it is untapped or misdirected.”
He argued that education must move beyond theory to focus on practical applications: “You can have all the paper qualifications but without hands-on experience, you can’t meet real world challenges.”
Amarasinghe also pointed to the role of research institutions: “Countries such as India and the US have dedicated research bodies looking for vulnerabilities and sharing knowledge. Sri Lanka needs the same model to identify and plug gaps proactively.”
A recurring concern is the lack of cybersecurity literacy among the leadership.
“Cybersecurity shouldn’t be confined to IT divisions; it must be understood across ministries and agencies alike. The biggest risk lies in nontraditional divisions not considering themselves to be potential targets,” he lamented.
Mandatory cyber awareness programmes are needed across all sectors, he stressed: “All officials handling data should be knowledgeable on phishing, authentication and secure data practices since this is a shared vision.”
Amarasinghe concluded with a powerful reminder: “Cybersecurity is no longer about machines – it’s about people, awareness and collaboration. We must consider it a shared national mission and not simply a technical function.”
