The Pakistan Telecommunication Authority (PTA) has created a “cyber security framework” following extensive talks and engagements with the telecom industry and leading cyber security experts. The framework was based on the Critical Telecom Data and Infrastructure Security Regulation and specifies the obligations of auditors and PTA licensees (CTDISR). In light of PTA’s cyber security legislation, it provides guidance to the auditors on how to conduct gap assessments, including, where needed, interpretation and expectations for each security control.
The framework also includes a maturity model that categorises controls based on how crucial they are. It is crucial to remember that when developing the Global Cyber Security Index, the International Telecommunication Union (ITU) takes each member state’s cyber security into account (GCI). The framework would aid companies in better managing and reducing their cyber security risk and marked a substantial advance in the security environment for the telecom industry.