National Cyber Emergency Response Team of Pakistan has conducted a detailed briefing session in Islamabad to update key stakeholders on the revised Pakistan Information Security Framework 2025, a policy initiative aimed at strengthening national information security governance and cybersecurity resilience. The session was chaired by Director General National CERT, Dr. Haider Abbas, TI, who in his opening remarks underlined the importance of PISF 2025 as a strategic instrument for enhancing Pakistan’s cybersecurity posture across public and private sector organizations. He highlighted that the framework is designed to provide structured guidance on information security management, institutional preparedness and coordinated response mechanisms, reflecting the evolving digital risk landscape faced by the country.
During the briefing, participants were informed about the consultative process that shaped the revised version of PISF 2025. National CERT shared that the initial draft of the framework was circulated in November 2025 among members of the CERT Council and relevant government stakeholders to ensure alignment with national priorities and regulatory expectations. At the same time, the draft was made publicly accessible to encourage participation from industry, academia and cybersecurity professionals. This open consultation resulted in 273 detailed comments received from a diverse group of contributors, including federal ministries, attached departments, academic institutions, private sector organizations, CERT Council entities and independent subject matter experts. National CERT explained that each submission was carefully reviewed and assessed, with relevant inputs incorporated to enhance clarity, structure and policy coherence within the framework.
A comprehensive presentation on the revised Pakistan Information Security Framework 2025 was delivered by Director GRC, Dr. Mehreen Afzal, who outlined the key refinements introduced following stakeholder feedback. The presentation focused on improvements in governance alignment, clearer delineation of roles and responsibilities, and strengthened emphasis on risk management, compliance and institutional resilience. Stakeholders were informed that the updated framework has been published on the official National CERT website for final review and comments. The consultation window remains open until 6 February 2026, during which organizations and individuals are encouraged to submit their observations and recommendations. National CERT also assured participants of its availability for continued engagement throughout this period, reinforcing its commitment to inclusive and collaborative policy development.
The session concluded with an interactive question and answer segment, allowing attendees to seek clarifications on specific provisions and share additional perspectives on implementation considerations. National CERT reiterated its focus on transparency and consensus driven policymaking, noting that the feedback received during the final consultation phase will be reviewed and incorporated where appropriate. Following the closure of the consultation window, the finalized PISF 2025 document will be submitted to the Government of Pakistan for approval by 13 February 2026. This submission is expected to mark an important step in formalizing a national level information security framework that supports consistent cybersecurity practices, strengthens institutional coordination and enhances the overall resilience of Pakistan’s digital ecosystem.
Follow the SPIN IDG WhatsApp Channel for updates across the Smart Pakistan Insights Network covering all of Pakistan’s technology ecosystem.
