Cyber security is the protection of computer systems, digital infrastructure, networks, and data from cyber-attacks. It is a process that secures systems, sensitive information, services, and devices from cyber-attacks across the globe.
Cyber crimes have been increasing at a very high rate over the past couple of years. Particularly, financial frauds via different social media platforms during 2018 – 2021 increased by 83% according to the reports of the Federal Investigative Agency (FIA). Earlier this year, the DG FIA Dr. Sanaullah Abbasi stated that FIA received over 100,000 complaints in 2021 across Pakistan.
He also said that the frequency of reports has increased, with over 60,000 complaints registered in the first quarter of 2022. However, Pakistan has several initiatives in place through various provincial, federal, and sectoral regulators to safeguard citizens and digital systems.
Some of the major ordinances and acts passed by the federal and provincial governments include the National Cyber Security Policy 2021, Prevention of Electronic Crime Act 2016, Investigation for Fair Trial Act 2013, Prevention of Electronic Crimes Ordinance 2007, Electronic Transaction Ordinance 2002, and Pakistan Telecommunication Act 1996.
Moreover, the State Bank of Pakistan issued various cybersecurity guidelines related to the financial sector. Pakistan Telecommunication Authority (PTA) has established the Computer Emergency Response Team (CERT) which particularly targets the telecom sector. Unfortunately, there is no CERT at the national level under any ministry.
To commence academic research and development, the National Center for Cyber Security was established in 2018 by the Ministry of Planning, Development, and Special Initiatives. The Higher Education Commission (HEC) has also articulated new academic degrees at Bachelor’s, Master’s, and Doctoral levels specifically in the domain of cyber security and systems security.
Nevertheless, the demand and supply gap for digital skills in cybersecurity, in particular, is ever swelling, which emphasizes the need for uplifting existing resources.
In addition, this is vital to improve certain institutional and legislative frameworks that are in place and reinforce the organization directed for national cybersecurity. All of the legal structures, frameworks, and processes related to the cybersecurity domain need to be continuously assessed, monitored, and improved.
Nevertheless, with regards to setups accountable for cybersecurity in the country, we have very limited Cyber Security Incident Response Teams which are functioning at the organizational level in the private, public, and defense sectors.
To address potential cyber-attacks, it is imperative to form a National CERT through coordination between federal and provincial governments at the earliest. Similarly, provincial-level CERTs should also be established by all provincial governments that collaborate with the National CERT.
The government should also launch awareness programs across the country at public/private academic institutions, state institutions, and mainstream media to educate the nation. Cyber volunteers’ initiative for youth can be another great step in this regard.