By: Staff Writer
November 28, Colombo (LNW): Sri Lanka’s Computer Crimes Act (CCA) requires urgent modifications to address modern cybersecurity threats effectively, according to Public Security Ministry Secretary Ravi Seneviratne.
Speaking at the 10th Annual Cyber Security Summit hosted by Daily FT and CICRA, Seneviratne stressed the inadequacy of current mechanisms in combating cybercrime and highlighted the pressing need for legislative updates and enhanced training for law enforcement.
Enacted in 2007, the CCA criminalizes unauthorized access to computers, data, and programs and provides guidelines for investigating and prosecuting such crimes.
However, the Act’s fixed penalties—imprisonment up to five years or fines up to Rs. 300,000—are considered insufficient for addressing the evolving complexity of cybercrimes, such as hacking and cyber-attacks.
Experts also point out the lack of provisions to distinguish between varying degrees of offenses based on their impact, underscoring the need for a “proportional punishment” framework.
Seneviratne admitted that current enforcement mechanisms are outdated and called for legislative reforms to align with evolving cyber threats. A research paper on modernizing Sri Lanka’s cybercrime laws echoes this sentiment, emphasizing the necessity of incorporating principles of proportional punishment to achieve the objectives of criminal law.
The pending Cyber Security Act, which proposes establishing a Cyber Security Agency and granting the Sri Lanka Computer Emergency Readiness Team (SL CERT) enhanced powers, has also been identified as a critical measure.
LankaPay CEO Channa de Silva urged swift parliamentary approval of the Act, noting that SL CERT’s current inability to enforce cybersecurity guidelines leaves organizations vulnerable. De Silva also emphasized the importance of separating military and civilian cybersecurity to safeguard key civilian infrastructure like water and electricity boards.
Highlighting the global dimension of cybercrime, Visa India and South Asia Vice President Vipin Surelia revealed that cybercrime costs are projected to reach $10.5 trillion in 2024, with a staggering annual growth rate of 32%. He identified key drivers behind this trend, including the rise of AI-powered attacks, advanced tools leveraged by cybercriminals, and vulnerabilities in non-traditional payment methods.
The summit underscored the critical need for Sri Lanka to modernize its cybercrime framework and strengthen institutional defenses. Enhancing legislative measures, equipping law enforcement with advanced skills, and segregating military and civilian cybersecurity operations were identified as essential steps to fortify the nation against rising cyber threats.
