Computer Emergency Response Teams Rules 2023 approved by federal cabinet: Amin Ul Haque
CERTs Rules – 2023 provides legislative umbrella to handle ever-emerging cyber-security
ISLAMABAD ( Web News )
Federal Minister for Information Technology and Telecommunication Syed Amin Ul Haque has said that, in light of the recommendation received, incorporating the “views and Comments” of the stakeholders and vetting by Cabinet Committee for Legislative Cases (CCLC), federal cabinet approved the Computer Emergency Response Teams (CERTs) Rules 2023.
According to official statement that, under section 51, read with section 49 of the Prevention of Electronic Crime Act (PECA), 2016 and in compliance with the National Cyber Security Policy (NCSP), 2021, the Ministry of IT and Telecommunication (MoITT) as a designated organization of the Federal Government to deal with Cyber Security has formulated the CERT Rules in consultation with the concerned stakeholders. The consultation session with the Govt bodies and regulatory authorities was started in August 2021. Subsequently, sector regulators carried out extensive consultation with their respective private entities.
IT Minister in a statement said that CERTs Rules – 2023 provides legislative umbrella to handle ever-emerging cyber-security risks and vulnerabilities at the National, Sectoral and Organizational levels by laying out a working mechanism in the form of technical support, operational facilities and capacity-building services. “These Rules further provide a state-of-the-art proactive and integrated risk management process for identifying and prioritizing protective measures regarding cyber-security”.
He said that a CERT council will be established as a forum for consultative and coordinating process to advise CERTs for effective implementation f its functions and services. The definitions and constituencies of National CERT, Government CERT, Critical Information Infrastructure CERT, Sectoral CERT, Federal CERT and Provincial CERT are discussed separately, he added. The specific responsibilities, functions and services of the National CERTs and Sectoral CERTs are also outlined in the rules.
The Federal Minister for IT said that as far as Impact on Cyber Security Landscape are concerned, CERTs at National and Sectoral Levels, will enhance the overall cybersecurity posture and resilience at national level. CERTs are responsible for the protection against, detection of, and response to cybersecurity incidents, and will enhance a country’s ability to manage cybersecurity incidents.
Talking about function of the CERTs, Amin Ul Haque further stated that, National CERT will serve to build knowledge base that supports the implementation of National Cyber Security Policy / strategy, as well as an approach for the protection of critical information infrastructures; supporting the building of a national culture and ecosystem of cybersecurity, and related awareness raising initiatives for all segments of societies including children, youth, elders and women ; supporting the development of related national cybersecurity platforms, such as, Security Operation Centers, secure e-government services, national identity and access management frameworks; and further enabling Pakistan to develop and enhance its threat intelligence analysis, incident response and coordination capabilities at national as well as international level.