Securing Sri Lanka’s critical infrastructure: Conversations on building resilience in evolving threat landscape

By Hiyal Biyagamage

The Daily FT-CICRA Cybersecurity Summit 2025 concluded with a powerful final session that delved deep into securing critical infrastructure in an era of escalating cyber threats. The session featured keynote presentations by industry leaders, including Sijesh Sreedhar of Google Cloud Security-India, Musthaq Mukthar from MillenniumIT ESP, and Indika De Zoysa of Huawei Technologies Lanka. A robust panel discussion followed, featuring Dialog Axiata Head of Information Security Farash Samat, and SLCERT Chief Information Security Officer Nirosh Ananda.

Global threats demand local solutions

MillenniumIT ESP Head of Security Operations Musthaq Mukthar opened the session with a compelling presentation titled “Global Threats and Local Impact: Securing Critical Infrastructure.”

“Cyber threats are becoming more sophisticated and relentless, particularly in the realms of critical infrastructure,” Mukthar began. He painted a grim picture of the global threat landscape, emphasising the rise of ransomware-as-a-service, state-sponsored cybercrime, and vulnerabilities within interconnected systems.

Mukthar’s presentation focused on Sri Lanka’s unique challenges, particularly in sectors like energy, transportation, and finance. “We cannot rely on generic solutions. Our defences must be localised, leveraging technologies and strategies suited to our operational realities,” he stated.

He emphasised the adoption of AI-powered threat detection tools to identify and neutralise threats in real-time. Mukthar also called for greater collaboration between the private sector and government, urging, “No single entity can do this alone. We need a united front.” Additionally, he highlighted the shortage of skilled cybersecurity professionals and advocated for education and training programs tailored to meet local demands. Mukthar’s roadmap was both aspirational and pragmatic, serving as a call to action for industry stakeholders.

The future is collaborative

Huawei Technologies Lanka Strategic Adviser and Vice President Indika De Zoysa took the stage to discuss “Introducing MCKB & NESAS: Global Standards to Safeguard Telecom Infrastructures.” His presentation underscored the critical role of international standards in securing the telecom sector amidst rapid digital transformation.

“We are living in a world where connectivity drives everything,” De Zoysa stated. “The shift from industrial economies to digital economies has brought immense opportunities, but it has also amplified our vulnerabilities.”

De Zoysa highlighted high-profile cyber incidents, such as the ransomware attack on Japan’s Nagoya Port and the breach of Saudi Aramco’s systems, as cautionary tales. “These attacks are reminders that no infrastructure is invulnerable,” he noted. He introduced two key frameworks to address these challenges. The first, MCKB (Mobile Cybersecurity Knowledge Base), is a comprehensive resource offering threat analyses and mitigation strategies. The second, NESAS (Network Equipment Security Assurance Scheme), provides a standardised approach to cybersecurity assessment, unifying fragmented regulations.

On 5G security, De Zoysa highlighted the importance of shared responsibility. “Operators, service providers, and vendors must work hand-in-hand. Cybersecurity is not a competitive advantage; it’s a collective necessity,” he said. De Zoysa concluded by reiterating Huawei’s commitment to cybersecurity, emphasising secure development practices and rigorous testing. “Our goal is to set new benchmarks for telecom security,” he affirmed.

Resilience through proactive defence

The session’s third presentation, delivered by Google Cloud Security-India Head of Security Engineers Sijesh Sreedhar, captivated the audience with a real-life case study of a cyberattack on critical infrastructure in the APJ region.

“This was not just an attack on systems; it was an attack on trust,” Sreedhar began, detailing how a public-sector utility—with 10,000 users, 5,000 servers, and 25 plants—was brought to its knees by a ransomware attack in 2022. He outlined the incident’s timeline, describing how attackers encrypted backups, compromised centralised authentication systems, and began advertising stolen data on the dark web over four days.

Sreedhar explained that the organisation’s reliance on centralised systems and ineffective audits left them vulnerable. To combat the attack, Mandiant employed a four-phase strategy: containing the breach, investigating its scope, cleansing and hardening the systems, and monitoring operations during restoration. He emphasised that compliance does not equal security. “Organisations must continuously validate their defences and adapt to evolving threats,” he noted. Sreedhar’s insights were a stark reminder of the stakes involved in securing critical infrastructure.

Insights from the panel discussion

The session concluded with a panel discussion which featured Dialog Axiata Head of Information Security Farash Samat, and SLCERT Chief Information Security Officer Nirosh Ananda.

Opening the panel discussion, Farash Samat said, “The attack surface is expanding rapidly with 5G, IoT, and cloud adoption. We’re no longer defending networks; we’re defending ecosystems.” He emphasised the need for real-time threat intelligence sharing, saying, “Collaboration is no longer optional; it’s a survival strategy.”

Nirosh Ananda provided insights into Sri Lanka’s regulatory landscape, explaining that aligning local cybersecurity policies with global standards requires significant investment and stakeholder buy-in. Ananda also highlighted the need for better incident reporting mechanisms, emphasising, “Transparency is key. Without it, we’re fighting blind.”

The panellists agreed on several critical points. They identified ransomware-as-a-service, supply chain vulnerabilities, and insider threats as top concerns. Samat warned of the risks associated with AI-driven attacks, noting that attackers are leveraging AI as effectively as defenders. Ananda pointed out that skill shortages and limited budgets remain significant barriers, particularly in developing economies. The discussion underscored the need for proactive measures and collaboration to address these challenges.

During the discussion, Musthaq Mukthar said, “The threats we face are not static; they evolve. Our defenses must evolve faster.” Indika De Zoysa reinforced this sentiment, stating, “Cybersecurity is not a solitary endeavour. It’s a shared responsibility that demands global cooperation.” Finally, Sijesh Sreedhar’s words served as a poignant reminder: “Resilience is not built in a day; it’s forged through preparation, adaptation, and unwavering commitment.”

Strategic partners of the CEO Forum and the 10th Annual Cyber Security Summit were Visa, Belkasoft, the platinum partners were Huawei and Google Cloud, Gold Partner was Sysco LABS, and Silver Partners were Millennium IT ESP, NCinga, and Just In Time Group. People’s Bank was the Banking Partner, LankaPay was the Official Payment Network Partner whilst Platform Provider was HashX. Electronic media partners were Sirasa TV, TV1 and NewsFirst, while the Podcast Partner was TechTalk360, and Brand Communications Partner was MullenLowe Sri Lanka.