HUTCH Secures ISO/IEC 27001:2022 Certification, Elevating Data Protection Standards in Telecom

HUTCH Sri Lanka, a rapidly advancing mobile services provider, has been awarded the ISO/IEC 27001:2022 certification, reaffirming its commitment to a globally recognized information security management system. This certification, newly achieved in 2025, was issued by Bureau Veritas Certification with UKAS accreditation, a world-leading certification company.

The ISO/IEC 27001:2022 certification sets out the highest standards for information security management systems (ISMS), ensuring that HUTCH meets globally benchmarked protocols for protecting customer, partner, and corporate data. The certification reflects a robust approach to identifying, managing, and mitigating risks across all digital infrastructure and business operations.

Commenting on the achievement, Saumitra Gupta, Chief Executive Officer of HUTCH, stated:
"In today’s hyper-digital world, information security is not an option, it’s a fundamental obligation. This ISO/IEC 27001:2022 certification is an important validation of our unwavering commitment to protecting our customers’ data and reinforcing the trust they place in us. It reflects the rigorous systems we’ve implemented and the culture of accountability and vigilance that guides how we operate at every level."

Also sharing his thoughts, Mr. Shan Nanayakkara, Country General Manager, Bureau Veritas Lanka Pvt Ltd stated: "We are pleased to certify HUTCH with the ISO/IEC 27001:2022  standard, recognizing the company’s structured and consistent approach to information security. Their proactive dedication to best practices and risk management is commendable and sets an excellent example for the telecom sector and beyond."

The ISO/IEC 27001:2022 standard provides a comprehensive framework for implementing, maintaining, and continually improving information security management systems. It is internationally recognized as a key tool for managing cyber threats and regulatory compliance, enabling companies like HUTCH to embed security into their core business strategies.

With this latest certification, HUTCH further solidifies its role as a trusted digital partner, prioritizing the protection of customer data and fortifying its infrastructure against evolving security challenges in today’s hyperconnected world.

Photo Caption – (Left to Right) Sunera Mahanamahewa, Senior Manager – Information Security & Compliance; Indika Edirisinghe, General Manager – IT & Core Network; Asanga Ranasinghe, Chief Technology & Information Officer; Saumitra Gupta, CEO; Shan Nanayakkara, Country General Manager, Bureau Veritas Lanka Pvt Ltd; Subash De Silva, Manager – Marketing & Sales, Certification Services, Bureau Veritas Lanka Pvt Ltd; Ajith Gamlath, Associate Director, TrustVault (Pvt) Ltd.

About HUTCH Sri Lanka

HUTCH Sri Lanka, a subsidiary of CK Hutchison Holdings (CKHH), is a major player in the Sri Lankan telecom industry. CKHH, a Hong Kong-based Fortune 500 conglomerate, operates in over 50 countries across six sectors, including Telecommunications, and reported revenues nearing USD 60 billion in 2023.

Entering the Sri Lankan market in 1997, HUTCH has grown significantly, launching GSM services in 2004, 3G in 2011, and 4G in 2018. The 2019 acquisition of Etisalat Sri Lanka further strengthened its market presence, enabling it to serve customers on both 078 and 072 prefixes. Currently, HUTCH’s 4G network covers 95% of Sri Lanka's population, and the company is 5G-ready to support the nation’s digital aspirations.

With affordable, reliable connectivity, HUTCH serves as a key driver in Sri Lanka’s telecommunications growth, expanding access to communication, business efficiency, and entertainment across even the most remote regions.