Overview
- The planned authority would propose protections for critical systems and lead national cybersecurity initiatives.
- The IT ministry has circulated an initial Cybersecurity Act draft to stakeholders for feedback, while some incident details remain undisclosed for sensitivity.
- NADRA, the FBR and telecom-sector data now carry critical infrastructure status, with immigration and passports systems under review.
- A breach at OGDCL erased 21 virtual servers before a three-day disaster-recovery restore, illustrating weaknesses identified by officials.
- Until the authority is established, the 14-member CERT Council coordinates responses as work proceeds on the Information Security Framework 2025, a secure data exchange layer and digital identity projects.