Pakistan’s New Cyber Security Policy

The Pakistan Telecommunication Authority (PTA) has announced that a new national cyber security policy and the  Pakistan national cyber security agency has been approved. The new policy aims to support both public and private institutions, including national information systems and critical infrastructure, replacing a system whereby government institutions have separate security operations.

This a delicate time for Pakistan, which recently accused India of using Israeli Pegasus spyware to spy on Prime Minister Imran Khan, and has designated cyber attacks on any Pakistani institution as an attack on national sovereignty.

Federal Minister for Information and Broadcasting Fawad Chaudhry said the policy has been introduced keeping in view the enhanced significance of the cyber regime. He said Prime Minister Imran Kahn has asked that a “threats assessment committee” be formed to decide whether or not security be provided to government ministers and other important figures.

Pakistan’s new cyber security policy will include a new governance and institutional framework for a ‘secure cyber ecosystem’, along with computer emergency response teams (CERTs) and security operations centres (SOCs) at national, sector, and institutional levels. The policy also calls for new information-sharing mechanisms, along with skills development and training programs and public awareness campaigns.

The country’s current cyber law, the ‘Prevention of Electronic Crime Act’ (PECA), is poorly implemented, according to ethical hacker and security analyst Rafay Baloch. “To quote a few examples, the federal government has yet to designate a digital forensics laboratory to provide expert opinion to the court independent of the investigative agency which is mandated by the section 40 of PECA,” he told reporters. Baloch says that the new policy should improve Pakistan’s cybersecurity, in particular by harmonising practices across different bodies. He also calls for the government to develop an institutional framework consisting of dual civil-military agencies:

According to the new national policy, a cyber attack on any institution of Pakistan will be considered an act of aggression against national sovereignty and all necessary and retaliatory steps would be taken. The committee will implement the policy at the national level, determine a strategy in a timely manner and take timely action. The committee comprises the secretaries and senior officers of 13 different departments/organisations.

Currently Pakistan has been ranked seventh worst cyber secure state in the world by the Global Strategies Index and the Global Security Index 2018 report.

Pakistan Today:      Portswigger:         Dawn:     Tribune.pk:    The News.pk

You Might Also Read:

India’s New National Cyber Security Strategy:

 

« Detecting & Mitigating Cyber Attacks
Apple Uses Surveillance To Detect Child Abuse »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

FREE eBook: Practical Guide To Optimizing Your Cloud Deployments

FREE eBook: Practical Guide To Optimizing Your Cloud Deployments

AWS Marketplace eBook: Optimizing your cloud deployments to accelerate cloud activities, reduce costs, and improve customer experience.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Cylance Smart Antivirus

Cylance Smart Antivirus

An antivirus that works smarter, not harder, from BlackBerry. Lightweight, non-intrusive protection powered by artificial intelligence. BUY NOW - LIMITED DISCOUNT OFFER.

WireX Systems

WireX Systems

WireX is an innovative network intelligence and forensics company that is changing the way businesses resolve cyber-attacks.

SoSafe

SoSafe

Modern awareness training that works. With memorable content on all areas of IT security, with measurable learning success and full data protection compliance.

Exeon Analytics

Exeon Analytics

Exeon Analytics is a Swiss cyber security company that is specialized in detecting hidden data breaches and advanced cyber attacks.

National Accreditation Authority Hungary (NAH)

National Accreditation Authority Hungary (NAH)

NAH is the national accreditation body for Hungary. The directory of members provides details of organisations offering certification services for ISO 27001.

Geepy Smart Technology

Geepy Smart Technology

Geepy is the name for a range of smart products that integrate sensors, control, communications, cloud platform and cyber security.

Meriplex

Meriplex

Meriplex is a Managed Services provider specializing in Intelligent Networks, Cybersecurity and Cloud Communications.

Onevinn

Onevinn

Onevinn's goal is to create a transparent, cost-effective security that is noticed as little as possible by the users. We simply call it "intelligent security."

SightGain

SightGain

SightGain is the only integrated risk management solution focused on cybersecurity readiness using real-world attack simulations in your live environment.