The Sri Lanka Computer Emergency Readiness Team (CERT), a tech arm of the Technology Ministry, is planning to launch e-learning on cybersecurity to enhance knowledge and develop highly skilled professionals, in both the private and public sectors, to detect and battle cyberattacks.
Speaking to The Morning Business, Sri Lanka CERT, Projects, Research, and Policy Department Project Manager Pubudu Withanage stated that his department first proposed this project last year.
“This started prior to my position as the Project Manager. To my knowledge, it was proposed by the Department of Projects, Research, and Policy and from the Department of National Planning in May 2020,” Withanage stated.
Nevertheless, due to obstacles that resulted from the coronavirus pandemic, the project was postponed.
“The procurement was not ongoing due to the threats of Covid-19. A procurement committee was appointed and the notice was published last week,” Withanage commented.
According to the Expression of Interest (EOI) published by the SL CERT last Friday (23) which has a closing date on 11 May 2021, the designed project is incepted to develop the capacity of the government employees through online means.
In addition, it stated that online learning has become an effective means of developing the capacity of government employees with use of the right people, appropriate content, and effective technologies in the face of a global pandemic.
Therefore, the project aims to obtain the service of qualified and experienced individual consultants to develop curricula on specific topics on information and cybersecurity.
The EOI further mentioned the curricular developed through this project would be then transferred to e-learning content at a later stage.
Sri Lanka CERT believes that over the last few years, cybercriminals have figured out that humans are the weakest aspect of cybersecurity.
Thus, the threat moved from electronic hacking techniques to social engineering, where hackers contact people and deceive them to hand over their sensitive information.
“Many organisations underestimate the human factor in information and cybersecurity, although people’s understanding, knowledge, and perceptions on information and cybersecurity are critical for protecting digital systems in their organisations,” Sri Lanka CERT mentioned in the terms of reference.
Thereby, as it is no longer sufficient to have few people in an organisation who are trained in cybersecurity, each and every employee of the organisation, in this context, should have at least the basic knowledge of cybersecurity.
SL CERT also believes that any type of cyberattack highlights the need for cybersecurity awareness training at all levels of an organisation, regardless of the intent.
Thus, in order to reach a broader audience, many organisations currently adopt e-learning technology to increase the cybersecurity knowledge of their employees. The tech arm further mentions that this is mainly due to the flexibility, cost effectiveness, and the convenience that e-learning can bring to its users.
The firm also stated that understanding the current trend, the National Information and Cyber Security Strategy of Sri Lanka has proposed that online information and cybersecurity training for all government employees is essential.