ISLAMABAD: The federal cabinet has given the green light to the Computer Emergency Response Team (CERT) Rules 2023, aiming to tackle the increasing cyber threats and hacking attempts faced by various public sector entities.
According to the approved rules, a CERT council will be established under the Ministry of IT and Telecom. This council will serve as a consultative forum and provide guidance to all tiers of computer emergency response teams, which will be responsible for protecting against, detecting, and responding to cybersecurity incidents. The establishment of such teams at national, government, defense, and other sector levels will enhance the country’s ability to manage cyber incidents effectively.
Federal IT Minister Syed Aminul Haque emphasized that these rules are crucial for streamlining the process of countering cyber-attacks and that the CERTs at various levels will prioritize and implement protective measures related to cybersecurity.
The rules outline the constituencies and roles of response teams for national, government, critical information infrastructure, sectoral, federal, and provincial levels. The national team’s responsibilities include coordinating responses to threats or attacks on critical infrastructure, information systems, critical infrastructure data, or widespread information system attacks within Pakistan. They will also have the authority to designate public or private infrastructure as critical infrastructure vulnerable to cyber threats.
The CERTs will support the development of national cybersecurity platforms, such as security operation centers, secure e-government services, and national identity and access management frameworks. This move is expected to enhance Pakistan’s threat intelligence analysis, incident response, and coordination capabilities both nationally and internationally.
The federal response team will focus on ensuring cybersecurity in federal government subjects and other public sector bodies, including autonomous and semi-autonomous organizations. On the other hand, provincial CERTs will function as sectoral teams, reporting to the national team through the government unit. They will be responsible for securing digital assets developed and used by relevant provincial public sector entities.
With the approval of the CERT Rules 2023, Pakistan is taking significant steps towards bolstering its cybersecurity posture and resilience at the national level, aiming to counter and effectively manage cyber threats and attacks.