Colombo — HUTCH Sri Lanka, one of the country’s fastest-growing mobile network providers, has achieved the prestigious ISO/IEC 27001:2022 certification, underscoring its commitment to maintaining world-class standards in information security management. The certification was issued by Bureau Veritas Certification, accredited by the United Kingdom Accreditation Service (UKAS), a globally recognized authority in compliance and certification.
The ISO/IEC 27001:2022 standard represents the highest international benchmark for Information Security Management Systems (ISMS), ensuring organizations implement robust controls to identify, manage, and mitigate data risks. This certification confirms that HUTCH has met stringent global standards for safeguarding customer, partner, and corporate data across all digital operations.
“In today’s hyper-digital world, information security is not an option — it’s a fundamental obligation,” said Saumitra Gupta, Chief Executive Officer of HUTCH. “This certification validates our unwavering commitment to data protection and reinforces the trust customers place in us. It reflects the rigorous systems, accountability, and vigilance that guide how we operate at every level.”
Bureau Veritas Lanka’s Country General Manager, Shan Nanayakkara, commended HUTCH’s achievement, saying, “We are pleased to certify HUTCH with the ISO/IEC 27001:2022 standard. Their structured, consistent approach to risk management and security governance sets an exemplary standard for the telecom sector and beyond.”
The certification strengthens HUTCH’s resilience against cyber threats, ensuring its systems remain secure and compliant with global best practices. It also highlights the company’s proactive strategy to embed information security into its business framework — from operational infrastructure to customer data handling.
By securing ISO/IEC 27001:2022 certification, HUTCH has reaffirmed its position as a trusted digital partner, prioritizing customer data protection and fortifying its technological ecosystem against evolving cybersecurity risks in Sri Lanka’s increasingly connected landscape.
