Dynamic laws & policies a must to cope with cyber-attacks: Experts


ISLAMABAD (26 May 2022): Over the years, Pakistan has survived numerous cyber-attacks from multiple state and non-state actors, hence dynamic policies and laws are needed to cope with the menace.

This was stated by Brigadier (Retd) Mohammad Yasin, the Adviser Emeritus, Sustainable Development Policy Institute while initiating discussion at the 63rd Meeting of SDPI’s Study Group on Information Technology and Telecommunication (ICT).

Pakistan has such policies and laws which obviously cannot be static, and must be evolved to keep pace with the impending cyber threats and attacks, Brig. Yasin said.

Dr. Muhammad Mukaram Khan, Director-General, Cyber Vigilance, Pakistan Telecom Authority said it’s time to ‘act now’ to secure laws/policies for implementation. Warning about the threats, including cyber incidents in Industry, he stressed the need to identify data breaches. Pakistan is among 10 most targeted countries in the world, so copyright and trademark offences need international legislative responses and countries cooperation on cybercrime. Pakistan must ensure system security hardening, revision of PECA-2016 to PECA-2022 as well as social media roles with the help of establishing telecom operators approved by the PTA.

Prof. Dr. Haider Abbas, Military College Signals, University of Science and Technology, said that Pakistan lives in an era of cybersecurity, which require fulfilling human expectations of cybersecurity skills gap. Mentioning lack of women participation in workforce to meet challenges in Pakistan, he said, these are inadequate for the prevention of crimes. “We need human resource capacity building, inclusion of customized programmes, establishment of centers and labs of excellence, startups, and public-private partnerships in terms of skill development. He said that cyber security development via educational programmes need to develop research, competitions, and by encouraging youth in cyber security competitions. He recommended partnerships of industry and academia to ensure capacity building to assess cyber security issues. He also emphasized to undertake academic research programmes by Higher Education Commission, and funding for interdisciplinary research involving psychology and cyber security skills. He further suggested organizing webinars and cross-lab trainings at government organizations for the implementation of laws and policies.

Dr. Abid Qaiyum Suleri, SDPI Executive Director, concluded that cyber security policy needs to take full ownership by the government for the implementation of national cyber security policies. Export potential mechanism strengthening of cyber security for the economic perspective encompass defense. Internet of things devices need to be operated by software companies with joint partnerships with Internet of things (IoT) arena in Pakistan, he said, adding that the data shall be strategically secured on cloud services or google drives. “New alignment for international cooperation with five eyes such as US, UK, NZ, Canada and EU should be integrated for the strategical benefit, he maintained.

Aslam Hayat, Senior Policy Fellow, LIRNEASIA; Partner HaYat and Noorwala; Former Head of Telenor Pakistan Regulatory Wing said that Pakistan’s cyber security policy does match with the current needs. Discussing the indictors in connection with the success of any policy, he said the framework, over-reaching principles, and good practices are the need of hour to focus on policies. Pakistan, which ranked 79 in Global Cyber Security Index, needs to invest in capacity building of cyber security human resources. He stressed the need for strengthening National Cyber Security Policy through identifying right risks and challenges, establishing trust in digital transaction to improve Pakistan’s ICT ranking for the implementation and follow ups through stakeholders.

Ms Ameena Sohail, Managing Partner Precision Consultants and former Member (Legal) at the Ministry of Information Technology, sought the way forward by highlighting the measurements of state’s commitment of UN International Telecommunication Union (ITU) to cyber security which involves legal, technical, organizational, capacity building and internal cooperation. To secure crimes such as cyber-terrorism, she said hate speech needs interest of offences affecting social fabrics. FIA as a designated agency should play its role while imparting trainings to take cognizance of offences of dignity, modesty, cyber-stalking, and spamming, she said, adding that the Ministry of interior and Ministry of Information Technology must be technically equipped to overcome cybercrime challenges. “It’s the responsibility of Pakistan Telecom Authority to remove unlawful online content in line with our laws.” To maintain safeguard and precautions in handling computer emergencies, international cooperation for investigation should be made, she suggested.