Mr. Vasantha Alwis
Information Technology Department
Central Bank of Sri Lanka
Financial sector is no doubt the most popular target of cyber attackers. In the light of increasing cyber threats, it has become a challenge for Financial Institutions (FIs) to safeguard their IT systems. It is apparent that the traditional approach for information security management is not adequate to address information security issues in this era. The Financial Sector Computer Incident Reporting System (FINCSIRT, then Bank CSIRT) was established in 2014, with a view to face this challenge in a collective manner.
FINCSIRT is a joint initiative of Central Bank of Sri Lanka, LankaClear (Pvt) Ltd., Sri Lanka CERT|CC and Sri Lanka Bankers’ Association. This entity is entrusted with the broad objective of providing strategic direction to the financial sector institutions in the area of information security.
This body is governed by a Steering Committee that constitutes members representing Central Bank of Sri Lanka, LankaClear (Pvt) Ltd., Sri Lanka CERT|CC, Sri Lanka Bankers’ Association, Licensed Commercial Banks and Licensed Specialised Banks. The membership has already been extended to the members of the Financial Houses Association and the Primary Dealers’ Association. Funded by Member Institutions (MIs), this acts as a centralized body to coordinate information security efforts in the banking and finance sector by engaging in core functions such as, formulating and implementing Baseline Security Standard (BSS) based on ISO standards, sharing of fraud, cybercrime & threat intelligence information anonymously among MIs, dissemination of vulnerability, advisory & informational alerts, incident response and registration of certified 3rd party service providers. In addition, several value added Security Operations Centre services are provided at nominal rates.
The FINCSIRT members will benefit immensely through the sharing of security information. They can safeguard their systems against newly emerging threats and they also can obtain help in responding to detected security incidents. In addition, optional Security Operations Centre services such as security reviews are provided to members.
The success of FINCSIRT depends on the level of involvement of its members. If the members can actively share the experiences, others can benefit from the same. They can respond to incidents in a proactive manner. Ultimately, the whole financial sector will be able to get together to combat cyber threats more efficiently and successfully.