Pakistan’s New Cyber Security Policy

Uploaded on 2021-09-06 in GOVERNMENT-National, FREE TO VIEW

The Pakistan Telecommunication Authority (PTA) has announced that a new national cyber security policy and the  Pakistan national cyber security agency has been approved. The new policy aims to support both public and private institutions, including national information systems and critical infrastructure, replacing a system whereby government institutions have separate security operations.

This a delicate time for Pakistan, which recently accused India of using Israeli Pegasus spyware to spy on Prime Minister Imran Khan, and has designated cyber attacks on any Pakistani institution as an attack on national sovereignty.

Federal Minister for Information and Broadcasting Fawad Chaudhry said the policy has been introduced keeping in view the enhanced significance of the cyber regime. He said Prime Minister Imran Kahn has asked that a “threats assessment committee” be formed to decide whether or not security be provided to government ministers and other important figures.

Pakistan’s new cyber security policy will include a new governance and institutional framework for a ‘secure cyber ecosystem’, along with computer emergency response teams (CERTs) and security operations centres (SOCs) at national, sector, and institutional levels. The policy also calls for new information-sharing mechanisms, along with skills development and training programs and public awareness campaigns.

The country’s current cyber law, the ‘Prevention of Electronic Crime Act’ (PECA), is poorly implemented, according to ethical hacker and security analyst Rafay Baloch. “To quote a few examples, the federal government has yet to designate a digital forensics laboratory to provide expert opinion to the court independent of the investigative agency which is mandated by the section 40 of PECA,” he told reporters. Baloch says that the new policy should improve Pakistan’s cybersecurity, in particular by harmonising practices across different bodies. He also calls for the government to develop an institutional framework consisting of dual civil-military agencies:

According to the new national policy, a cyber attack on any institution of Pakistan will be considered an act of aggression against national sovereignty and all necessary and retaliatory steps would be taken. The committee will implement the policy at the national level, determine a strategy in a timely manner and take timely action. The committee comprises the secretaries and senior officers of 13 different departments/organisations.

Currently Pakistan has been ranked seventh worst cyber secure state in the world by the Global Strategies Index and the Global Security Index 2018 report.

Pakistan Today:      Portswigger:         Dawn:     Tribune.pk:    The News.pk

You Might Also Read:

India’s New National Cyber Security Strategy:

 

« Detecting & Mitigating Cyber Attacks
Apple Uses Surveillance To Detect Child Abuse »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

TBG Security

TBG Security

TBG provides a portfolio of services including cyber security, compliance and continuity solutions.

Cyber Conflict Studies Association (CCSA)

Cyber Conflict Studies Association (CCSA)

Cyber Conflict Studies Association (CCSA) is a non-profit organization dedicated to leading a diversified research agenda in the field of cyber conflict.

Security Brigade

Security Brigade

Security Brigade is an information security firm specializing in Penetration Testing, Vulnerability Assessment, Web-application Security and Source Code Security Audit.

Entersekt

Entersekt

Entersekt is an innovator in push-based authentication and app security.

Sumo Logic

Sumo Logic

Sumo Logic simplifies how you collect and analyze machine data so that you can gain deep visibility across your full application and infrastructure stack.

Cybertonica

Cybertonica

Cybertonica is a FinTech company which detects and prevents fraudulent transactions and reduces risk for financial services organisations.

C11 Cyber Security & Digital Innovation Centre

C11 Cyber Security & Digital Innovation Centre

C11 is working with local and national partners to develop talent and bring brilliant minds and brilliant businesses together.

IntelligInts

IntelligInts

IntelligInts provide 24×7 threat monitoring, hunting, alerting, and mitigation in our world class Security Operations Center.

Genius Guard

Genius Guard

Genius Guard specializes in DDoS Protection, DDoS Protected Webhosting, HYIP Hosting, Bitcoin Hosting, Cryptocurrency Hosting.

Nokod Security

Nokod Security

Nokod Security delivers an application security platform for low-code / no-code custom applications and Robotic Process Automation (RPA).

OneCollab

OneCollab

OneCollab, your unwavering ally in the dynamic landscape of IT services and cybersecurity.

Bulletproof Solutions

Bulletproof Solutions

Bulletproof provides IT expert support, services, and guidance to businesses small and large as they grow and adapt to today’s complex IT, cybersecurity, and compliance needs.

CERT.ar

CERT.ar

CERT.ar is the national Computer Emergency Response Team for the technical-administrative management of computer security incidents in the National Public Sector of Argentina.

Fraud.net

Fraud.net

Fraud.net operates the first end-to-end fraud management and revenue enhancement ecosystem specifically built for digital enterprises and fintechs globally.

HYCU

HYCU

HYCU was born of the need to simplify data protection and provide equivalent levels of backup and recovery support across on premises, public cloud, and SaaS workloads.

Axiotrop

Axiotrop

AXIOTROP is a Cybersecurity firm offering leading services in assessment, remediation, and validation to protect the confidentiality, integrity, and availability of regulated information.