Provincial Computer Emergency Response Teams (CERTs) have been established in Punjab, Khyber Pakhtunkhwa (KP), Sindh, and Balochistan, Pakistan’s four provinces. These teams are composed of particular departments.
According to sources, Sindh has identified its Science Department as its CERT, while Punjab has selected the Punjab Information Technology Board (PITB). In addition to the KP Computer Emergency Response Centre (CERC), which is now operational, Khyber Pakhtunkhwa has designated the KP IT Board as its own CERT. Additionally, Balochistan has decided to handle its CERT responsibilities through its Science Department.
Ministry of IT and Telecom officials have attested to the fact that the provinces have conveyed their decisions and that the Ministry has taken action to form a CERT council. Academic institutions, businesses, and civil society organisations have already nominated members of the CERT council to the Ministry of IT and Telecom.
Important CERTs will be formed by the CERT council, which will serve as the supreme authority regulating cybersecurity measures. It will forward suggestions for Sectoral and Provincial CERT formation. The federal government shall formally notify the designated provincial CERTs in accordance with these suggestions.
The National, Provincial, Government, and Sectoral CERTs will be part of the organisation, as per the CERT Rules, 2023. The National CERT was already informed by the federal government in March of this year. Coordination of efforts to address cybersecurity vulnerabilities across the country will pick up steam with the establishment of the CERT council.
The following are some ways that provincial Computer Emergency Response Teams (CERTs) can help people and organisations:
- Incident Response and Recovery:
Cybersecurity events are immediately handled with the help of CERTs. They offer recommendations for reducing harm, recouping from assaults, and minimising threats.
- Threat Intelligence Sharing:
CERTs gather, compile, and examine threat data. Businesses and people can improve their overall cybersecurity readiness and awareness by disseminating this knowledge.
- Managing Vulnerabilities:
Coordination of vulnerability disclosures and communication between vendors, security researchers, and impacted parties are the responsibilities of CERTs. This lessens the chance of vulnerabilities being exploited.
- Awareness and Training:
CERTs provide workshops, awareness campaigns, and training sessions. These instruct users on risk management, safe procedures, and secure code.
- Working together and establishing connections:
CERTs encourage cooperation between interested parties. They create connections between people, businesses, and governmental entities to improve the cybersecurity ecosystem as a whole.
At the individual and organisational levels, CERTs are essential for improving cybersecurity resilience.