Sandamali Silva becomes country’s first woman ECSA

Untitled-34(1)[1]Eleven Sri Lankans became the first batch to complete the EC-Council Certified Security Analyst (ECSA) training program – one of the world’s top-most IT security qualification – held recently in Colombo. One of them, Sandamali Silva, became Sri Lanka’s first female ECSA. The ECSA training was organised by CICRA Consultancies Ltd, a part of CICRA Holdings and an accredited training centre of the EC-Council in the US. “The ECSA program is a comprehensive, standards-based, methodology-intensive training program which teaches information security

rofessionals to conduct real-life penetration tests by utilising the EC-Council’s published penetration testing methodology,” CICRA Holdings Director/CEO Boshan Dayaratne said.

“Certified Ethical Hacking (C|EH) is the industry standard for information security professionals who engage in penetration testing of their respective organisations. ECSA is a program for those who have achieved C|EH. It deals with advanced ethical hacking,” Dayaratne said.

“Those who pass the ECSA examination from the EC-Council, US could apply to for Licensed Penetration Tester (LPT) status, the pinnacle of achievement for ethical hackers,” he said.

“With the ECSA training, CICRA has become the only institution in Sri Lanka that offers a complete list of IT security certifications from the EC-Council in Sri Lanka. Any IT professional can now become an expert in information security by following EC-Council certifications, starting from Network Security Administrator (ENSA). They don’t need to fly abroad to obtain the ECSA anymore,” he said.

From the 11 participants at the ECSA, Sandamali Silva was the first to sit for the four-hour online exam. She also became the first woman in Sri Lanka to obtain the ECSA qualification after passing the exam.

“Be it networking or application development, IT security is the future. You should be able to respond to any IT security issue. If you are to be the best in your field, all IT professionals need to thoroughly know the security perspective,” Silva said.

The ECSA training was conducted by CICRA’s master trainer Krishna Rajagopal from Malaysia. CICRA is Sri Lanka’s leading cyber security training and consultancy organisation.

It conducts number of internationally-recognised training programs in IT security. For more information visit


Picture 1:

First batch of EC-Council Certified Security Analysts (ECSA) in Sri Lanka: (left to right) N.P. Sumith Rohana (Virtusa),  Mohamed Nijam Mohamed Mafaz (Emiraj Systems), Boshan Dayaratne (Director/CEO, CICRA), Sandamali Silva (Qatar),  Shafraz Thawfeek (TSeyva Pte Ltd), Hans W. Thomasz (Qatar Development Bank), Haran Mamankaran (Dialog), A.L. Heshantha Disnajith Fernando (Versata Inc.), Krishna Rajagopal (CICRA Master Trainer), Nalaka Umagiliya (John Keells Holdings), M.A.D.S. Sanjeewa (SLRC), W. L. D. Geeth Sameera (Dialog Axiata) and K.M.K.K. Siriwardana (United Nations)