The government has set up a ‘Cyber Governance Policy Committee’ for the implementation, oversight, strategy and action plan of the ‘National Cyber Security Policy 2021’.
The federal cabinet on Tuesday approved the country’s first ‘National Cyber Security Policy 2021’ prepared by the Ministry of IT & Telecom.
A team equipped with experts and all required and modern tools will work to ensure cybersecurity. A budget of Rs. 1.92 billion has been allocated for the national level response team, said Federal Minister for Information Technology and Telecommunication Syed Amin Ul Haque in a brief after the Cabinet meeting.
Strengthening the cybersecurity posture of Pakistan will promote citizens’ trust in digital solutions and will bring economic prosperity, he added. He said that the first objective of the policy is to ensure the protection of online data and information of citizens and public and private institutions. Public and private institutions’ data, services, ICT products and systems would be bound to the National Cyber Policy.
As per the policy, a cyber attack on a Pakistani institution would be considered an attack on national integrity, said the minister, adding that in case of a cyber attack, all required steps and retaliation will be carried out.
Cybersecurity process to be integrated and strengthened in public and private service networks, said the minister, adding that under the policy, computer emergency response teams will be formed at national, sector and institutional levels.
The policy framework is envisaged to secure the entire cyberspace of Pakistan, including all information and communication systems used in both the public and private sectors.
The objective of the policy is to establish a governance and institutional framework for a secure cyber ecosystem, create protection and information-sharing mechanism (CERTs/ SOCs) at all tiers capable to monitor, detect, protect and respond against threats to national ICT/CII infrastructures, protect National Critical Information Infrastructure by mandating national security standards and processes related to the design, acquisition, development, use and operation of information systems, enhance security of government information systems and infrastructure, create an information assurance framework of audits and compliance for all entities in both public and private sectors, ensure integrity of ICT products, systems and services by establishing a mechanism of testing, screening, forensics and accreditation, develop public-private partnerships and collaborative mechanism through technical and operational cooperation, create a country-wide culture of cybersecurity awareness through mass communication and education programs, develop and create skilled cybersecurity professionals through capacity building, skill development and training programs.
To mitigate cyber threats the country faces today and to improve the national cybersecurity outlook, it is imperative to undertake the strengthening of national cybersecurity capabilities through the development of essential and well-coordinated mechanisms, implementation of security standards and regulations under a policy and legislative framework, it added.