Baseline Security Guidelines Issued to Prevent Attacks
The Government of Pakistan’s National Cyber Emergency Response Team has established a round-the-clock National Cybersecurity Control Room at its headquarters in L-Block, Pak Secretariat, Islamabad.
The move comes amid concerns over potential targeted cyberattacks on critical government websites, networks, and national digital infrastructure during the current security environment. According to an official notification, the facility will function as the National Coordination Center for monitoring, analyzing, and responding to cyber incidents across the country.
Directives Issued to ISPs and CERTs
All Internet Service Providers (ISPs), Sectoral CERTs, and Provincial CERTs have been instructed to establish dedicated monitoring setups and ensure 24/7 surveillance of their networks and critical assets.
They have also been directed to immediately report any suspicious activity or confirmed cyber incidents to nCERT to enable a coordinated national response.
The directive emphasizes strict coordination protocols that were previously implemented during major national events and were described as effective in countering cyber threats from hostile actors.
Key Institutions Assigned Focal Persons
Major stakeholders, including the Ministry of Information Technology and Telecommunication (MoIT&T), Pakistan Telecommunication Authority (PTA), National Information Technology Board (NITB), and National Telecommunication Corporation (NTC), along with provincial IT boards and other relevant bodies, have been instructed to nominate focal persons.
These entities were asked to submit updated contact details to nCERT by March 4, 2026, to streamline communication during the monitoring period.
Read Also ; Pakistan Plans Largest Spectrum Auction in History
Two senior officials Dr. Muhammad Yousaf, Director CERT, and Dr. Mujahid Shah, Assistant Director (Incident Management) have been appointed as focal persons for national-level coordination.
Baseline Security Guidelines Issued
The notification also outlines National Baseline Security Guidelines aimed at preventing cyber incidents. The mandatory measures address threats such as phishing attacks, website defacement, credential leaks, data breaches, ransomware attacks, and system misconfigurations.
Recommended steps include implementing SPF, DKIM, and DMARC protocols for email security, deploying Web Application Firewalls, enforcing multi-factor authentication, encrypting data both at rest and in transit, and enabling centralized logging through Security Information and Event Management (SIEM) systems.
24/7 National Cybersecurity Control Room Activated
Authorities have also advised conducting regular vulnerability assessments and maintaining offline, air-gapped backups to mitigate ransomware risks.
Officials stated that the establishment of the control room reflects heightened vigilance and preparedness to safeguard national digital infrastructure amid evolving cybersecurity challenges.
