Laws concerning computer security in Sri Lanka

"Cyber security isn’t easy, but it comes down to three basic principles."

protect, detect and respond

What is the computer security

  Computer security is the safeguard put in place for computer systems to prevent unauthorized access, theft, or abuse of sensitive data. Many procedures are in place and are often used, mostly to secure computer systems and networks and stop any hostile activity.

The importance of computer security

  The secure processing and storage of sensitive information, such as medical records, financial data, and corporate data, is ensured by computer security. All parts of a computer system are kept discreet, secure, and readily available thanks to cyber security. Computer security is crucial for the following reasons:

• To safeguard personal data
• to safeguard organization assets
• In order to prevent data theft
• To stop malware and viruses
• Refraining from Unauthorized Access

How sri lanka act in this matter?

  The Computer Crimes Act No. 24 of 2007 provides for the identification of computer crimes and stipulates the procedure for the investigation and enforcement of such crimes. The Bill was presented in Parliament and debated on 23rd August 2005 and extensively revised by the Parliamentary Standing Committee "B". It became law in May 2007 and was approved by the Speaker of the House on July 9, 2007. Sri Lanka has become the first country in South Asia to become a state party to the Council of Europe Convention on Cybercrime. Sri Lanka's accession to the Budapest Cybercrime Convention was the fastest in the Council of Europe.Here we are gives you conclutions about two laws and key policies.
  Let's see them.

The Computer Crimes Act no. 24 of 2007

  The Computer Offences Act No. 24 of 2007 lays out the procedure for looking into and prosecuting such offences and makes it possible to find computer crimes. The Computer Crimes Act No. 24 of 2007's main goal is to make attempts at unauthorized access to a computer, computer program, data, or piece of information illegal. Regardless of whether the criminal has permission to access the computer, it also includes a clause to address unlawful computer usage.
  The Act would be applicable where:-

• While inside or outside of Sri Lanka, a person commits an offense under the Act.
• At the time of the incident, the computer, computer system, or information impacted by the conduct that violates this Act was either inside or outside of Sri Lanka.
• Sri Lanka was the location of the facility or service, such as a computer storage or information processing service, that was used to commit an offense under this Act.
• The state or a person residing in Sri Lanka or outside of Sri Lanka suffers the loss or damage as a result of the commission of an act prohibited by the Act.

  The Sri Lankan Computer Crime Act includes a wide variety of substantive offenses, which may be generally divided into the following two types of offenses.
  They include:

• Computer-related crimes (crimes including the use of computers as a tool for theft, fraud, etc.)
• Cybercrimes that compromise the availability, confidentiality, and integrity of a computer system or network (also includes the introduction of Viruses, worms etc)

The Electronic Transactions Act no. 19 of 2006

  The Model Law on Electronic Commerce (1996) and the Model Law on Electronic Signatures, both published by the United Nations Commission on International Trade Law (UNCITRAL), serve as the foundation for the Electronic Transactions Act No. 19 of 2006. (2001).
  The Act's goals are as follows:

• to make domestic and international electronic commerce easier by removing legal obstacles and creating legal certainty;
• to promote the use of trustworthy forms of electronic commerce;
• to make it easier to file documents electronically with the government and to encourage the effective provision of government services using trustworthy forms of electronic communications;
• to increase public confidence in the law. Due to this, electronic communication is now recognized as a legitimate form of communication on a formal and legal level (emphasis added)

Finally

  Major ICT legislation have been drafted with the assistance of ICTA, and significant policy reforms have been implemented to support e-transformation and ICT development. Institutional arrangements were also put in place, such as Sri Lanka CERT. Additionally, strategic alliances and collaborations positioned Sri Lanka's ICT growth on the global stage.
  Currently, the Government is pursuing a strategy based on the adoption of a private sector-inclusive data protection code of practice, with the potential for the code to be given statutory status through regulations issued under the 2003 Information and Communication Technology Act. As a result, this strategy might be viewed as a self- or co-regulatory strategy.

How to avoid software projects from failing

"There are no secrets on an successful software project. Both good and bad news must be able to move up and down the ptoject hierarchy without restriction."

Steve McConnell

1. What is software failure

  a software failure that happens when the user notices that the program is no longer producing the desired outcome for the specified input values. Depending on how a failure would affect the systems, the user may need to categorize it as catastrophic, critical, major, or minor.
  Companies who aren't in the top 25% of technology manufacturers see an average of three out of ten IT initiatives fail. More than half of successful initiatives end up costing about 200% more than originally projected. Even though the IT industry is expanding and there are numerous projects in this field, up to one-third of them are abandoned before they are ever finished.

So let's look at how we can prevent these mistakes and make our project successful.

2. Define Success Clearly

  As was already said, there are several criteria for determining a project's and a product's success. Not all projects result in new products, and a good project does not always translate into a successful product. It is crucial to have precise metrics for determining if a project is successful or unsuccessful.

3. Exact Roles and Responsibilities (before the First Iteration)

  Everyone's job and duties must be clearly defined in order to realize the vision after it has been established. Everyone will work toward the same objective if the leadership team is firmly united in defining the purpose, value, and logic. In this case, it's vital to fill each position with the proper candidates who possess the necessary skill set. For instance, the project manager or product owner has to have the necessary management and leadership abilities. Take an expanded team strategy whenever you don't have the required knowledge on staff to keep the project moving forward.


4. Estimate appropriate time and financial budgets

  By doing this, you will avoid having to chase after them over the allotted time. Avoid working with suppliers who frequently adjust timetables since this suggests that they did not evaluate the project holistically. Check to see whether you understand the projected project costs in a similar manner. Make sure that the project's complexity and nature, not merely your assumptions, are the only determinants of the costs. In the event that you are collaborating with a third party or software outsourcing company, be extremely explicit when drafting terms on future cost increases, etc.


5. Specify goals and requirements clearly.

  When working on a project, you should have defined project management procedures and comprehensive project requirements (i.e. Agile, Waterfall, etc.).The project has to have a clear scope and breakdown. This will provide a more accurate estimation. We advise include developers in the project timetable planning process.

6. Use Wireframes to Help Your Product Come to Life

  Good software is more than just well-written code; it also has outstanding communication. Although you must express your project requirements in writing, it is preferable to illustrate them in a wireframe.
  These straightforward static illustrations help develop the concept and give it a bit more life. Additionally, this method aids in bridging the knowledge gap between business people and technical software engineers.Prototypes and wireframes are also essential to winning over all stakeholders to the project. It's an effective means of communication that promotes more project ownership.

7. Work with a Team that Has the Right Skills

  Most vendors and project managers willfully hire the same development team for every stage of the SDLC, frequently oblivious to the unique talents and expertise that your project may need at certain points along the way to be successfully completed. In an effort to cut expenses, people occasionally make the error of relying solely on one or a small number of talented developers and placing less qualified developers beneath them. This results in the failure of software projects. Before hiring these young engineers to work on your project, if at all feasible, do interviews with them.


  So finally software is used in every aspect of our life, even the smallest tasks. Thus, the outcomes of software development initiatives have a lasting impact. The outcomes might include significant time, money, or resource loss, or in the worst-case scenarios, all of them. Failure of a project hurts an organization's potential. The whole future of the organization might be destroyed if the failure is severe enough; a government software failure, for instance, could endanger national security. Failures in IT can also hinder societal progress and quality of life.