Pakistan Telecommunication Authority (PTA) has formulated a “cyber security framework” through extensive consultation and deliberation with the telecom industry and leading internet security experts.
The framework was based on the Critical Telecom Data and Infrastructure Security Regulation (CTDISR) by PTA and defined the obligation of auditors and PTA’s licensees.
It provides guidance to the auditors for performing gap assessment in the light of PTA’s cyber security regulations including interpretation and expectations against each security control where necessary.
As part of the framework, a maturity model has also been devised, whereby the controls have been classified on the basis of their critically.
It is pertinent to highlight that International Telecommunication Union (ITU) gives significance to the cyber security framework of each member state while calculating the Global Cyber Security Index (GCI).
The framework was a significant step toward improving the security landscape of the telecom industry and would enable organisations to manage better and reduce online security risks.