The Asia Foundation, backed by a $15 million Google.org grant, recently launched the APAC Cybersecurity Fund in Colombo to bolster the cybersecurity capabilities of over 300,000 MSMEs across 12 Asia-Pacific countries. This initiative aims to equip 13,000 small and medium enterprises (SMEs) in Sri Lanka with essential skills to manage digital security threats, benefiting businesses also in Bangladesh, Vietnam, India, Japan, Korea, Malaysia, Pakistan, Philippines, Singapore, and Thailand.
In Sri Lanka, the program will conduct training sessions in all nine provinces and establish cyber clinics at the Sri Lanka Institute of Information Technology and Uva Wellassa University, targeting knowledge growth and skill-building among undergraduates. Despite SMEs contributing nearly 50% of the nation’s production, awareness of cybersecurity practices is low, especially among smaller enterprises, largely due to gaps in education and financial resources. The program also places a focus on increasing women’s involvement in economic activities.
While Sri Lanka’s Online Safety Act was enacted earlier this year, the forum emphasized the urgent need for a cohesive national cybersecurity framework. The absence of a Cyber Security Act has left many businesses—especially SMEs—underprepared for both current cyber risks and the impending implementation of the Personal Data Protection Act next March.
Additionally, recent surveys reveal that 79% of Sri Lankans still favor cash transactions, although internet and digital platform usage are rising. Stakeholders like the Ceylon Chamber of Commerce urge expedited discussions on cybersecurity legislation to ensure MSME readiness and resilience across the nation.