Amid increasing cyber security threats, the Pakistan Telecommunication Authority (PTA) Tuesday announced a five-year comprehensive strategy to improve the digital resilience of existing telecom infrastructure against cyber attacks.
Titled "Cyber Security Strategy 2023-2028 for Telecom Sector", the roadmap focuses on six foundational pillars, each targeting a specific aspect of cyber security, such as legal framework, cyber resilience, proactive monitoring and incident response, capacity building, cooperation and collaboration, and public awareness.
The five-year plan reflects a holistic approach towards achieving a secure digital infrastructure in the country.
The strategy aims to mitigate the potential impact of cyberattacks that pose a threat to Pakistan's national security, economy and public services by improving cyber security awareness and education, investing in cyber security research and development, and collaborating with a range of partners, both in the public and private sectors.
The National Telecom Cyber Security Strategy (NTCSS) strives towards increasing the resilience of existing telecom infrastructure against cyberattacks.
Stressing a multi-stakeholder approach, the roadmap aims to foster active collaboration between public and private sectors, regulatory bodies, telecom operators, private security firms, academia, and civil society with an inclusive strategy aiming to create a united and comprehensive front against cyber threats.
Apart from strengthening cybersecurity, the PTA also aims to address capacity-building issues by creating a technically skilled workforce and managing the existing "brain drain" that the country is witnessing due to the increased global demand for cybersecurity professionals.
The regulatory body aims to collaborate with key stakeholders such as industry experts, academia, and government organizations, with efforts focusing on building domestic talent pipelines through professional training.
The PTA has also directed all its licensees to set up a dedicated CISO office with the necessary manpower and appointment of a C-level security officer (CISO) to ensure due importance to the cyber security in their organization and to improve recruitment/retention of talented cyber security resources.
With regard to bringing cyber awareness to the masses, the policy provisions the utilisation of digital mediums and services of telecom operators to educate the people regarding cyber incidents, their targets, processes and mitigations to mobile phone users.
The body also aims to work with telecom operators and educational institutions and plans to introduce relevant material into the national curriculum to bring awareness to the masses on the issue of cybersecurity.