As its name indicates, Sri Lanka CERT|CC is in essence a Responsive Organization.However, it is also said that prevention is the best form of defence.With this in mind, Sri Lanka CERT|CC also offers services which aim to raise awareness about Information Security and enhance the ability of its constituents to successfully fend off Cyber attacks.
Accordingly, Sri Lanka CERT|CC offers three broad Service Categories:
These are services which are triggered by events that are capable of causing adverse effects on a constituent’s Cyber Systems. Examples are Spam, Virus infections and unusual events detected by an Intrusion Detection System.
This service involves responding to a request or notification by a constituent that an unusual event has been detected, which may be affecting the performance, availability or stability of the services or cyber systems belonging to that constituent.
There are many types of Incidents. Some typical examples are:
♦ Malware (Viruses, Trojans, Backdoors, etc)
♦ Site Defacement
♦ DoS Attack
♦ System Compromise
♦ Hate/Threat Mail
♦ Identity/Information Theft
Sri Lanka CERT|CC will perform steps to identify the Incident and rate the severity of that Incident. The constituent will then be advised on how to contain the incident and eradicate the cause. Once the systems are fully recovered, Sri Lanka CERT|CC will submit a comprehensive Incident Report detailing the nature of the incident, steps taken to recover from the incident and recommended preventive measures for the future.
These services are designed to educate our Constituents on the importance of Information Security and related topics ranging from Information Security Fundamentals and best practices to more immediate issues, such as the latest cyber threats and attacks.
This service is used to disseminate information to the Constituency regarding Computer Viruses, Hoaxes, Security Vulnerabilities & Exploits other security issues, and where possible, to provide short-term recommendations for dealing with the consequences of such attacks.
Currently, alerts are posted on Sri Lanka CERT|CC website Home page.Constituents may also join the mailing list to receive alerts via E-mail.
Seminars & Conferences
These services are provided with the intention of raising awareness about the most current Information Security issues, Security Standards and best practices. The aim is to help Constituents significantly reduce the probability of being successfully attacked.
Seminars can even be tailored to address specific Information Security related issues by special request.
Note : These events may be charged for if they are organized at the request of a constituent, depending on the number of participants, resource persons employed, venue etc.
These services are also aimed at increasing the Constituency’s awareness of Information Security. However, unlike Seminars, these are more technically oriented and targeted for IT professionals, who perform daily tasks related to Information Security.
Workshops will be arranged regularly, or on request, by Sri Lanka CERT|CC for its constituents addressing general topics. If desired, constituent may Information Security related topics.
If desired, constituent may make a special request for a workshop to address a specific area in Information Security. These events may be charged for if they are organized at the request of a constituent, depending on the number of participants, resource persons employed, venue etc.
The Knowledge base is a passive service offered by Sri Lanka CERT|CC to interested Constituents through documents, articles, news items, etc published on the Sri Lanka CERT|CC website and the Media. The aim of this service is to provide a range of Knowledge Resources to the Constituency, enabling anyone from a Home user to an IT professional to find useful information to help boost their understanding of Information Security. A glossary is also made available and will be updated to reflect terminology used in the IT industry.
These services are aimed at providing Constituents with a means of determining the adequacy of their Information Security systems, and (if found necessary) to take necessary steps to strengthen its defenses.
This service is aimed at reviewing and analyzing the security infrastructure and procedures adopted within an organization based on the experience of Sri Lanka CERT|CC's Information Security Team and certain predefined parameters.The end result is a detailed report on the weaknesses of the client organization's current ICT infrastructure, where improvements need to be made and how such improvements should be implemented.
Note: These services will be charged for depending on the size of the ICT infrastructure of the organization, depth of the investigation and time allowed for the assessment.
Advisory for National Policy
This is a service that is performed by Sri Lanka CERT|CC as an obligation to the nation. As the primary authority on Information Security in Sri Lanka, Sri Lanka CERT|CC is responsible for developing, introducing and enforcing Information Security Standards to its constituency.
Constituents can access Sri Lanka CERT|CC's services through one or more Delivery Channels depending on the desired service.
The available Delivery Channels are:
◙ The Sri Lanka CERT|CC Website
◙ Help Desk
During office hours:
◙ Seminars & Workshops
◙ Staff On-site
Remote support is provided by Sri Lanka CERT|CC staff using Telephony, E-mail or Remote Login.
For your convenience, Applicable Delivery Channels for each service are summarized in the table below along with the links to access those channels.
Services will be made available to Sri Lanka CERT|CC constituents from Mondays to Fridays, 8.30 AM to 5.30 PM. After Office hours, and during weekends, constituents may use the Help Desk number of Incident response services only.