The Securities and Exchange Commission of Pakistan (SECP) has issued a cybersecurity notice, urging all companies to immediately strengthen their cybersecurity measures in response to increased geopolitical tensions and an increasingly complex threatening landscape.
The declaration was published at a time when security sources revealed that the details of a major cyber -offensive by Pakistan – Operation Bunyanum Marsoos – were launched in response to the Indian assault. The operation has targeted the key infrastructure sectors across India.
The operation has imposed significant disruptions in several Indian areas, including electrical infrastructure and oil systems, while causing serious Damage to Indian communications by deactivating official emails from the government and the OTP infrastructure.
The opinion, published on the SECP website, was published under article 40 (b) of the SECP law. He warned that non-compliance with emerging cyber-risk could cause operational disruptions, data violations, financial losses and reputation damage.
Learn more: Security sources reveal details on the massive cyber attack of Pakistan against India
The regulator has described several immediate recommendations for cybersecurity for businesses, including the implementation of multi-factory authentication, restricted access controls, employee training on phishing and false communications and regular vulnerability assessments.
The other key measures recommended include maintenance of offline data backups, updating antivirus protections and firewalls, hardening devices and systems by correcting known vulnerabilities and forming internal intervention teams in the event of an incident.
While emphasizing coordination and preparation for incidents, the SECP also advised companies to create internal intervention teams for incidents, regularly consult the opinions of the national emergency intervention team (CERT) and to coordinate with relevant cybersecurity organizations for intelligence sharing and detection of threats in a timely.
“Proactive cybersecurity stages are essential to protect the financial and information infrastructure of Pakistan,” said the Commission, urging businesses to maintain close communication with the SECP on the progress of implementation.
