In a significant move to enhance the country’s cybersecurity infrastructure, the Ministry of Information Technology and Telecommunication (MoIT&T) has announced the formation of the National Computer Emergency Response Team (CERT) Council. The council, established under Rule 4 of the National Computer Emergency Rules 2023, aims to serve as a consultative and advisory body for all levels of CERTs across Pakistan.
The CERT Council will comprise 15 members, making it the largest forum of its kind in the country. The ministry has already notified 10 members, with the remaining members to be appointed soon. The council’s primary functions include ensuring effective performance of CERT roles, conducting assessments, and resolving conflicts as per the guidelines outlined in the CERT Rules 2023.
The council’s membership reflects a cross-sectoral approach to cybersecurity governance, with representatives from various government ministries, industry, academia, and civil society. The Federal Secretary for IT and Telecom will chair the council, while the Director General of the National CERT will serve as the council’s secretary. Additionally, representatives from the Ministry of Defense, Ministry of Foreign Affairs, National Security Division, and Ministry of Interior will also be part of the council.
For a one-year term, three members have been appointed from industry, academia, and civil society to ensure nCERT is incorporating diverse perspectives into the nation’s cybersecurity strategy. These members include Mehzad Sahar, a Chief Information Security Officer representing the industry; Dr. Muhammad Fareed Zafar, an associate professor representing academia; while Babar Suhail will be representing civil society.
The establishment of the CERT Council is a crucial step in enhancing the coordination and effectiveness of Pakistan’s cybersecurity infrastructure. It is expected to significantly enhance the country’s ability to respond to cyber threats and support the development of a resilient digital infrastructure. This move follows the earlier formalization of the National Computer Emergency Response Team (nCERT), further consolidating Pakistan’s cybersecurity initiatives under a cohesive and unified framework.
