The government of Pakistan has introduced a proposal under the Pakistan Information Security Framework (PISF) to enforce mandatory deadlines for reporting cybersecurity incidents. The initiative aims to bolster the incident reporting and response mechanisms across ministries, departments, and public sector organizations.

According to the proposed framework, organizations classified as Critical Information Infrastructure (CII) must immediately notify their sectoral regulators, Computer Emergency Response Teams (CERTs), and the National CERT upon verification of a cybersecurity incident. Additionally, a detailed incident report is required within 72 hours of incident verification.

For public sector organizations not designated as CII, the proposal mandates reporting verified cybersecurity incidents to the relevant sectoral regulator or CERT within 120 hours. This tiered approach ensures timely communication and coordination across all government bodies depending on the criticality of their infrastructure.

The framework also obliges organizations to develop comprehensive cybersecurity incident management policies, encompassing preparation, detection, response, mitigation, reporting, recovery, and post-incident review stages. Clear roles and responsibilities are to be defined, and cybersecurity incidents classified based on their severity and impact to streamline the response process.

To further strengthen cyber resilience, the proposal emphasizes the need for adequate staffing, ongoing training, and periodic cybersecurity drills. These exercises are meant to identify operational gaps, refine incident handling procedures, and improve organizational readiness against evolving cyber threats.

Moreover, organizations are encouraged to evaluate the implementation of Security Operations Centres (SOC), Security Information and Event Management (SIEM) platforms, and other surveillance technologies to enhance threat detection and incident response capabilities.

Post-incident, organizations must document lessons learned and execute corrective actions within stipulated timelines to reduce recurrence risks. The framework also integrates cybersecurity response strategies with business continuity and disaster recovery plans, requiring organizations to set recovery objectives, conduct annual continuity exercises, and maintain documented procedures to manage cyber emergencies effectively.

The introduction of PISF is a strategic step towards establishing a standardized cybersecurity governance framework across Pakistan’s public sector. This move is expected to enhance preparedness, improve incident reporting, and fortify the protection of government information systems against increasingly sophisticated cyber threats.

Related Stories

Similar Posts

  • Jazz Mega overbilling Scam Lands in PAC 

    The Jazz overbilling scam worth over Rs 6 billion has landed in the Public Accounts Committee (PAC) for further probe and action.  Lawmakers have questioned Rs6bn recovery from consumers, poor service quality, and delays in telecom sector reforms. The Senate Standing Committee on Information Technology and Telecommunications, chaired by Senator Palwasha Khan, on Friday scrutinized…

  • PTA Alerts Public to Temporary DIRBS Outage

    The Pakistan Telecommunication Authority notified the public about scheduled system maintenance by the Federal Board of Revenue. The maintenance will occur from 10:00 PM on Saturday, 6th December, until Sunday evening, 7th December 2025. During this period, the Device Identification Registration and Blocking System will remain temporarily unavailable for all users. Read More: FIA Warns…

  • |

    inDrive Launches Grocery Delivery with Krave Mart

    inDrive, a global mobility and services platform, has expanded its services in Pakistan with the launch of inDrive.Groceries, in collaboration with its dark stores partner Krave Mart. The new service enables users to order daily essentials directly from the inDrive app, bringing fast, reliable, and affordable grocery delivery to Karachi, with expansion plans for Lahore,…

  • Pakistan moves closer to 5G auction decision

    Pakistan is heading to auction 5G amid fears of low response from telecom companies. The telecom companies have been resisting over higher taxes and spectrum fee in dollars. During the last spectrum auction, three other telecom operators like Jazz, Telenor and Zong had boycotted the auction and did not participate. Ufone was the only company…

  • Breaking: 50% Dollar Utilization for IT Firms Allowed

    Staff Report In a groundbreaking decision, the Special Investment Facilitation Council has granted 50 percent Dollar Utilization for IT Firms. This decision allows IT companies to transfer their offshore accounts to Pakistan, said Dr. Saif caretaker IT Minister in a statement. He said that the current IT export volume, standing at $2.6 billion, could potentially…

  • |

    Pakistan And KSA Launch GO AI Hub to Boost Innovation

    In a landmark step towards advancing Pakistan–KSA digital collaboration, GO AI Hub, Pakistan was inaugurated today in Islamabad through joint initiative of Ministry of Information Technology and Telecommunication (MoIT&T) and KSA’s GO Telecom (Etihad Atheeb Telecommunication Company).The launch marks a major milestone in strengthening bilateral cooperation in artificial intelligence, data infrastructure and human capital development,…