Pakistan Telecommunication Authority (PTA) has formulated a “cyber security framework” after holding extensive consultation and deliberation with Telecom Industry and leading cyber security experts.
The framework was based on Critical Telecom Data and Infrastructure Security Regulation (CTDISR) and defines the obligation for auditors and PTA’s licensees.
It provides guidance to the auditors for performing gap assessment in the light of PTA’s cyber security regulations including interpretation and expectations against each security control where necessary.
As part of the framework, a maturity model has also been devised, whereby the controls have been classified on the basis of their critically.
It is pertinent to highlight that International Telecommunication Union (ITU) gives significance to the cyber security framework of each member state while calculating Global Cyber Security Index (GCI).
The framework was a significant step towards improving the security landscape of the telecom industry and would enable organizations to better manage and reduce cyber security risk.
