Pakistan Telecommunication Authority (PTA) is taking proactive measures to address cybersecurity challenges in the telecom industry by initiating the development of a National Telecommunication Sector Risk Register. As outlined in the Cyber Security Strategy for Telecom Sector 2023-28, this strategic move aims to provide a comprehensive overview of cybersecurity challenges faced by the industry.
The Risk Register goes beyond mere identification of risks; it is designed to offer insightful strategies through the Cyber Security Strategy, prioritizing and effectively mitigating these challenges. PTA is gearing up to establish an automated system for risk classification, ensuring a more accurate and dynamic assessment based on real business impact.
In a bid to enhance cybersecurity practices, PTA is encouraging third-party audit firms to adopt a risk-based auditing approach. This collaborative effort ensures that auditing processes align with the dynamic nature of cyber threats, contributing to the resilience of the telecom sector.
Breaking away from conventional scoring mechanisms, PTA’s automated risk classification system emphasizes the actual business impact of identified risks. This approach aims to provide a more nuanced understanding of potential threats.
It’s worth noting that PTA had previously launched the CERT portal in 2021, dedicated to improving the security posture of the Pakistan Telecom Sector and safeguarding National Critical Telecom Data and Infrastructure. In a subsequent move in February 2023, the authority unveiled its National Telecom Security Operations Centre (NTSOC), a centralized platform aimed at managing cybersecurity incidents in the telecom sector efficiently. These initiatives collectively underscore PTA’s commitment to fortifying the cybersecurity framework in the telecommunications industry.
