The federal government has decided to formulate a legal framework related to cyber security. The decision to create cyber security has been made in a meeting of the National Security Committee chaired by Prime Minister Shahbaz Sharif.
The meeting of the National Security Committee was called on the issue of the audio leaks of the Prime Minister’s House, in which federal ministers, services chiefs, and civil and military officials participated.
According to the declaration of the meeting, it has been decided to form a high-powered committee under the chairmanship of Interior Minister Rana Sanaullah to investigate the audio leaks. According to the statement, it has also been decided to prepare a legal framework related to cyber security. The Ministry of Law and Justice has been instructed to prepare it, and the Ministry of Law and Justice will prepare the legal framework in accordance with the National Cyber Security Policy 2021.
The cyber security policy was approved by the federal cabinet in July 2021. The main objectives of the policy include the establishment of governance and institutional framework for a cyber secure ecosystem, to enhance the security of the national information system and infrastructure.
It also includes the creation of an information sharing mechanism at all tiers, and protection of National Critical Information Infrastructure by mandating national security standards and processes. It also includes ensuring the integrity of ICT products and protection of online privacy of the citizens, training skilled Cyber Security professionals, and encouraging and supporting indigenization and development of Cyber Security solutions through R&D Programs.
According to Cyber Security Policy 2021, in order to achieve objectives and effectively implement National Cyber Security Policy, an objective-based legal framework will be created for cyber governance. The legal framework will be formulated after consultation with all stakeholders.
According to the Cyber Security Policy, the legal framework may include, the formulation of the National Cyber Security Plan and Cyber Security-related Laws. The framework will also include Rules and regulations for the National Cyber Security framework.
According to the policy, National Cyber Security /Governance Operations and information sharing mechanism shall be formulated for incident handling, management capability, and cyber situational awareness. The policy also suggests compliance, screening, accreditation, and risk management regulations: for Critical Information Infrastructure, public-private partnerships, capacity building, Cyber Security awareness, R&D programs, and global cooperation.
The policy also proposes the standardization of Digital and Network Forensics processes and Infrastructure for Cyber Governance in harmonization with this policy and PECA 2016/ any other relevant law, compliance for auditing and ensuring the national Cyber Security standards, prioritizing initiatives to address growing dimensions of the cybercrimes by empowering the legal entities and rectifying the shortcomings under PECA 2016.