Sri Lanka Financial Sector Computer Security Incident Response Team

(FinCSIRT)

"Together, We Build a Secure Financial Sector"

About FinCSIRT

Sri Lanka Financial Sector Computer Security Incident Response Team (FinCSIRT), formally known as “BankCSIRT” established in 2014 as a project initiated by the Central Bank of Sri Lanka (CBSL), Sri Lanka Bankers Association (SLBA) and Sri Lanka Computer Emergency Response Team Coordination Centre (Sri Lanka CERT | CC). LankaClear Pvt Ltd, who operates the Sri Lankan Payment Network, was invited to host FinCSIRT as independent unit.

FinCSIRT is further holds the “Liaison Membership” of the Asian Pacific Computer Emergency Response Team and the First Asian Pacific FinCSIRT to be established. FINCSIRT is established as a centralized body (Not-for-Profit Organisation) to coordinate security efforts within the banking and financial sector, and as an entity steered and funded by the Banks, will have the prime responsibility and accountability towards them.

FinCSIRT Vision and Mission

VISION

To ensure that the financial sector in Sri Lanka to be the most resilient in Asia against the rapidly increasing information security threats.

MISSION

Mission To support all the Sri Lankan Financial Sector stakeholders to build information Security resiliency against the rapidly advancing information security threats by:

  • Building a collaborative platform for all the members in the Sri Lankan Financial Sector to work together and share threat intelligence.
  • Identifying the information security threats to the financial sector proactively and responding to the incidents effectively.
  • Ensuring compliance to Information Security Baseline Standards by the Sri Lankan financial sector in collaboration with Sri Lanka CERT|CC and Central Bank of Sri Lanka.
  • Working with local and foreign CERTs and CSIRTs, vendors and all affiliated parties to gather and disseminate information security knowledge and threat intelligence.
  • Operating the Financial Sector Security Operations Center on a 24X7 basis to monitor and detect incidents promptly and respond effectively.
  • Develop Sri Lankan Financial Sector information security resiliency.

Services We Offer

FinCSIRT currently offers various services to different parties, not limited to the following:

  • 45 Banks and Finance Companies
  • Central Bank of Sri Lanka
  • Sri Lanka Bankers Association
  • Sri Lanka CERT | CC
  • LankaClear (Pvt) Ltd
  • Supporting parties for the Sri Lanka Financial Sector – Vendors, CID, Ministries…etc.
  • Global parties – Financial Sector Security Teams (Globally), Asian Pacific CERTs…etc.

FinCSIRT currently offers the following services to the affore mentioned parties:

  • Sectoral Information Security Development Services
    • Assisting the Central Bank of Sri Lanka (The Regulator) in sector information security posture building
    • Assisting the financial sector affiliated stakeholders in providing secure services to the financial institutes
      • Working with Sri Lanka CERT | Digital Ministry | SLBA | CID | Vendors …etc.
    • Uplifting the information security resiliency of the Sri Lankan financial sector
      • Publishing of information security best practices and standards (Framework and Baseline Controls)
      • Assessing the information security readiness of the financial sector institutes (R&D: Likelihood Calculation Algorithm)
      • Continuous uplifting the capabilities of the personal responsible for handling information security incidents with simulated live threat environments (Cyber War Games)
      • Uplifting the individual institutes strength in information security resiliency
        • Service Level Agreement based services by FinCSIRT to its members (CORE & ISOC Services)
        • Act as internal Information Security Consultant for the Financial Institutes
        • Assist conducting training and awareness for the organization employees
        • Assisting the implementation of information security best practices and standards
  • Global Information Security Development Services
    • Supports international FinCSIRTs and the CERTs for information security development
    • Coordinate and corporate with international CERTs for incident responses activities