Cabinet approves CERT rules to monitor cyber security in country

ISLAMABAD: The federal cabinet has approved Computer Emergency Response Team Rules (CERT) 2023 under which Cyber Threat Intelligence System will be established to monitor cyber security in the country.

The CERT will be established at the centre and provincial levels. According to approved CERT Rules 2023 by the Federal Cabinet which has not yet been notified states that a cyber-threat intelligence system shall be established to monitor the cyber security hygiene of affiliated constituents and keep CERT updated with situation awareness of our cyber frontiers.

The service, upon request, will also be provided to desiring constituencies subject to technical, operational, and administrative grounds.

This system will also perform the following functions, both onsite and offsite, for constituencies and critical network infrastructure owners: - (i) to address malware and worm detection, anomalies in egress and ingress traffic, and hygiene of the.gov.pk domains, government departments, and critical network infrastructure owners will share important gateway traffic-related details e.g. Traffic Type, capacity, bandwidth, congestion, etc. with the CERT for early detection and situational awareness with respective CERTs.

Vulnerability management including Triage Route and Track Vulnerability Reports. (ii) Hardware/Software Assessment (Whitelisting): This service will assist constituents of the CERT in the procurement and acquisition of software and hardware that are security tested for CERT Supporting Labs (Forensics & Screening) and subsequently approved by the Coordination Centre. Designated teams will also formulate hardening guidelines for hardware and software before deployment; and (iii) Coordination and Liaison with National/International Agencies: This service will coordinate with sectoral and international CERTs as well as with other agencies to leverage expertise in the field of cyber security and liaise on matters that could affect cyber security.

(b) Capacity Building Centre: The Capacity Building Centre will run a Cyber Security training and awareness programme through the implementation of a National Cyber Security Strategy, the provision of Analytic and Planning Support data, establishing liaison with Academia and Research Institutes, Public-Private/International Agencies-partnerships and publications of Research and whitepapers.

The Forensics lab will provide and extend 24x7 support to the Incident Management team. The Screening & Evaluation Lab will conduct screening and evaluations of hardware and software before their procurement and/or deployment and/or operationalisation of systems at the constituent’s premises. These services will be provided as per relevant certification programmes or standards that are applied by the CERT or relevant authorities.

According to official press statement issued by Ministry of Information Technology & Telecommunication stating that Federal Minister for IT and Telecom Syed Amin ul Haq has said that, in light of the recommendation received, incorporating the “views and Comments” of the stakeholders and vetting by Cabinet Committee for Legislative Cases (CCLC), Federal Cabinet has now approved the CERT Rules 2023.

According to official statement that, under section 51, read with section 49 of the Prevention of Electronic Crime Act (PECA), 2016 and in compliance with the National Cyber Security Policy (NCSP), 2021, the Ministry of IT and Telecommunication (MoITT) as a designated organisation of the federal government to deal with cyber security has formulated the CERT Rules in consultation with the concerned stakeholders. The consultation session with the government bodies and regulatory authorities was started in August 2021. Subsequently, sector regulators carried out extensive consultation with their respective private entities.

IT Minister further said that CERT Rules – 2023 provides legislative umbrella to handle ever-emerging cyber-security risks and vulnerabilities at the National, sectoral and organisational levels by laying out a working mechanism in the form of technical support, operational facilities and capacity-building services. "These Rules further provide a state-of-the-art proactive and integrated risk management process for identifying and prioritising protective measures regarding cyber-security".

He said that a CERT council will be established as a forum for consultative and coordinating process to advise CERTs for effective implementation of its functions and services.

The definitions and constituencies of National CERT, Govt CERT, Critical Information Infrastructure CERT, Sectoral CERT, Federal CERT and Provincial CERT are discussed separately, he added.

The specific responsibilities, functions and services of the National CERTs and Sectoral CERTs are also outlined in the rules.

Federal IT minister said that as far as Impact on Cyber Security Landscape are concerned, CERTs at National and Sectoral levels, will enhance the overall cyber security posture and resilience at national level.

CERTs are responsible for the protection against, detection of, and response to cyber security incidents, and will enhance a country’s ability to manage cyber security incidents.

Talking about function of the CERTs, Amin ul Haq further stated that, National CERT will serve to build knowledge base that supports the implementation of National Cyber Security Policy/strategy, as well as an approach for the protection of critical information infrastructures; supporting the building of a national culture and ecosystem of cyber security, and related awareness raising initiatives for all segments of societies including children, youth, elders and women; supporting the development of related national cyber security platforms, such as, Security Operation Centers, secure e-government services, national identity and access management frameworks; and further enabling Pakistan to develop and enhance its threat intelligence analysis, incident response and coordination capabilities at national as well as international level.