Pakistan’s New Cyber Security Policy

Uploaded on 2021-09-06 in GOVERNMENT-National, FREE TO VIEW

The Pakistan Telecommunication Authority (PTA) has announced that a new national cyber security policy and the  Pakistan national cyber security agency has been approved. The new policy aims to support both public and private institutions, including national information systems and critical infrastructure, replacing a system whereby government institutions have separate security operations.

This a delicate time for Pakistan, which recently accused India of using Israeli Pegasus spyware to spy on Prime Minister Imran Khan, and has designated cyber attacks on any Pakistani institution as an attack on national sovereignty.

Federal Minister for Information and Broadcasting Fawad Chaudhry said the policy has been introduced keeping in view the enhanced significance of the cyber regime. He said Prime Minister Imran Kahn has asked that a “threats assessment committee” be formed to decide whether or not security be provided to government ministers and other important figures.

Pakistan’s new cyber security policy will include a new governance and institutional framework for a ‘secure cyber ecosystem’, along with computer emergency response teams (CERTs) and security operations centres (SOCs) at national, sector, and institutional levels. The policy also calls for new information-sharing mechanisms, along with skills development and training programs and public awareness campaigns.

The country’s current cyber law, the ‘Prevention of Electronic Crime Act’ (PECA), is poorly implemented, according to ethical hacker and security analyst Rafay Baloch. “To quote a few examples, the federal government has yet to designate a digital forensics laboratory to provide expert opinion to the court independent of the investigative agency which is mandated by the section 40 of PECA,” he told reporters. Baloch says that the new policy should improve Pakistan’s cybersecurity, in particular by harmonising practices across different bodies. He also calls for the government to develop an institutional framework consisting of dual civil-military agencies:

According to the new national policy, a cyber attack on any institution of Pakistan will be considered an act of aggression against national sovereignty and all necessary and retaliatory steps would be taken. The committee will implement the policy at the national level, determine a strategy in a timely manner and take timely action. The committee comprises the secretaries and senior officers of 13 different departments/organisations.

Currently Pakistan has been ranked seventh worst cyber secure state in the world by the Global Strategies Index and the Global Security Index 2018 report.

Pakistan Today:      Portswigger:         Dawn:     Tribune.pk:    The News.pk

You Might Also Read:

India’s New National Cyber Security Strategy:

 

« Detecting & Mitigating Cyber Attacks
Apple Uses Surveillance To Detect Child Abuse »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Secure Recruiting International (SRI)

Secure Recruiting International (SRI)

SRI is an industry leader in Information Security , Networking, Wireless and Storage recruitment.

Jumpsec

Jumpsec

Jumpsec provides penetration testing, security assessments, social engineering testing, cyber incident response, training and consultancy services.

BMS Group

BMS Group

BMS is an independent, employee-owned specialist insurance broking group. Broking solutions include Cyber and Technology.

IoT Now

IoT Now

IoT Now explores the evolving opportunities and challenges facing CSPs, and we pass on some lessons learned from those who have taken the first steps in next gen IoT services.

Arete

Arete

Arete is a global cyber risk company whose mission is to transform the way organizations prepare for, respond to, and prevent cybercrime.

Fortanix

Fortanix

Fortanix Runtime Encryption keeps keys, data, and applications completely protected from external and internal threats.

Beazley

Beazley

Beazley are a specialist insurer with three decades of experience in providing clients with the highest standards of underwriting and claims service worldwide.

Thrive

Thrive

Thrive delivers the experience, resources, and expertise needed to create a comprehensive cyber security plan that covers your vital data, SaaS applications, end users, and critical infrastructure.

Trail of Bits

Trail of Bits

Trail of Bits combine high-end security research with a real-world attacker mentality to reduce risk and fortify code.

VLATACOM Institute

VLATACOM Institute

Vlatacom Institute is privately owned accredited research and development institute, system integrator and turn-key solution provider. Areas of expertise include encryption and authentication.

RevBits

RevBits

RevBits provides high-performance cybersecurity solutions including email security, endpoint security, deception technology and PAM solution to enterprise companies and public sector organizations.

Hex-Rays

Hex-Rays

Founded in 2005, privately held, Belgium based, Hex-Rays SA focuses on the development of fast, stable, and robust binary analysis tools for the IT security market.

Intel

Intel

Intel products are engineered with built-in security technologies to help protect potential attack surfaces.

BT Security

BT Security

BT provides telecommunications and network infrastructure services to keep businesses around the world connected and secure.

SecurEyes

SecurEyes

SecurEyes is a leading cybersecurity firm that provides specialised services, including cybersecurity assessments, managed services, and governance risk and compliance services.

Karate Labs

Karate Labs

Karate is an open-source unified test automation platform combining API testing, API performance testing, API mocks & UI testing.