ISLAMABAD: Pakistan Telecommunication Authority (PTA) has launched its National Telecom Security Operations Centre (NTSOC), a centralised platform for the management of cyber-security incidents in the telecom sector.

The NTSOC is established under the Pakistan National Cyber-security Policy, 2021, and the Prevention of Electronic Crimes Act (PECA 2016), with the goal of securing Pakistan’s critical telecom data and infrastructure against cyber-attacks.

The NTSOC is the first ever sectoral Security Operations Centre in Pakistan, after the issuance of Cyber Security Policy. It is comprised three key components: Security Incident and Event Management (SIEM), Threat Intelligence, and Security Orchestration and Automated Response (SOAR) which have been indigenously customized to improve the country’s cyber-security ranking.

The NTSOC will have integration with telecom operators’ SOCs and the national Computer Emergency Response Team (CERT), ensuring quick and effective incident response.

Six telecom operators have been integrated with the NTSOC, with the rest to follow gradually. The project includes continuous enhancements in the provided solution to keep pace with evolving cyber-security threats.

The PTA released its Cyber Security Annual Report for 2022 on the compliance of its Critical Telecom Data and Infrastructure Security Regulations (CTDISR). The report provides a detailed analysis of the cyber security readiness and resilience of the top 15 telecom operators in Pakistan.

The Authority stated the cyber threat landscape had significantly grown over the past decade. This has required high-level cooperation and joint proactive effort among all stakeholders, including all telecom operators, to detect, protect and mitigate the emerging cyber threats and offensive activities, including state-sponsored attacks that would result in massive economic and reputational cost and would hinder the digital and technological growth of the nation.

With cyber security receiving the central focus globally, it is imperative that all telecom operators comply with the requirements of CTDISR to protect critical telecom data and infrastructure, and stay ahead of other sectors in providing safe experience to telecom users while proactively combating against latest and advanced incoming cyber security challenges, the report noted.

The PTA conducted validation audits of top 15 operators, categorized on the basis of their size of network and license type, among other factors. According to the report, Pakistan Mobile Communications Limited (PMCL) - Jazz has secured the highest percentage of compliance in Cat-I category (this includes all Cellular Mobile Operators and large fixed-line operators with multiple licenses), followed by Telenor Pakistan as runners-up.

In Cat-II, which includes medium to large operators/ISPs, Red Tone has secured the highest percentage of compliance, followed by Multinet as runners up. The report includes an overall Cyber Security Index (CSI) of the telecom sector, as well as ranking of telecom operators based on their level of compliance to 16 Security Domains comprising 104 Security Controls outlined in CTDISR.

The report also highlights strong and weak areas of the telecom sector and provides aggregated anonymized information about major cyber security incidents in the last year.

The Cyber Security Annual Report 2022 is based on the Cyber Security framework published by PTA in 2020 and 3rd party audits performed by PTA’s registered cyber security firms.

The PTA remains committed to securing Pakistan’s telecom sector and its users from cyber-attacks by implementing robust cyber-security regulations and validating these with regular audits to ensure compliance. The PTA also encourages operators to prioritize cyber security and strive for continuous improvement to ensure a cyber-resilient telecom sector for all.

Copyright Business Recorder, 2023


Comments are closed.