Tech Desk 
Nov 14, 2025
The Pakistani government has initiated a robust cybersecurity strategy by establishing nine Computer Emergency Response Teams (CERTs) under the CERT Rules-2023, a move executed in the face of a spike in cyber attacks globally.
Consisting of National, Punjab, KP, Balochistan, Sindh, AJK, GB, Telecom, Defence, and Community teams, the CERTs aim to enhance national cyber governance and digital security, laying the foundation of Pakistan's evolving cyber-response framework.
In this regard, the IT ministry has outlined various reforms under the National Cyber Security Policy (NCSP-2021), set in place through the Digital Economy Enhancement Programme (DEEP).
The key components of this programme include a Secure Data Exchange Layer, Digital Identity, and e-Citizen enablement.
A draft for the National Cyber Security Act is currently under consultation, and a 14-member CERT Council has been established to look after cybersecurity initiatives until a central authority is formed.
The National CERT has been operational since 2023-24, providing guidelines for the designation and protection of Critical Information Infrastructures (CIIs).
The information systems of NADRA, FBR, and the telecom sector have already been classified as CIIs, with additional systems undergoing assessment.
It's worth noting that protection protocols and relevant criminal proceedings will adhere to the provisions of the Prevention of Electronic Crimes Act (PECA-2016).
This approach is expected to revamp Pakistan's cybersecurity landscape and enhance the protection of its critical digital assets.
