Pakistan is intensifying its efforts to safeguard its most critical digital infrastructure as cyber threats become increasingly complex and persistent. The government is establishing a high-level national body to secure information systems that support governance, public services, and national security.
Officials warn that hostile agencies continue to target communication and cyber networks for espionage, disruption, and denial. These risks have pushed authorities to seek an urgent review of weaknesses across government information systems. The goal is to build a strong, sustainable, and resilient national information security framework.
To address this, the government is constituting the National Committee for Information Communications Security, known as NCICS. The committee is being formed under NCERT, dated 191225, and will serve as the central oversight body for federal cybersecurity efforts.
The NCICS will be chaired by the Secretary of the Ministry of Information Technology and Telecommunication. The committee brings together senior technical, regulatory, and administrative leadership from across the government.
Its composition includes:
The committee will also include co-opted members. These include additional secretaries from the Finance Division and MOFA. The Chairman of NCICS may add experts from academia or specific sectors when required.
The NCICS mandate centers on continuous oversight of government information systems. It will assess and monitor systems used by ministries, divisions, and organizations.
Its responsibilities include identifying vulnerabilities, conducting gap assessments, and reviewing existing security processes. The committee will also recommend measures to reduce risks and strengthen the overall security posture of public-sector information systems.
The committee will review completed cybersecurity and IT audits conducted by NTISB and NCERT. Based on this analysis, it will propose corrective actions to improve:
In addition, the NCICS will conduct gap assessments in critical sectors. These include Health, Energy, CAA, Transportation, and others. The aim is to identify system-level weaknesses and recommend targeted cybersecurity measures.
The committee will design a compliance mechanism tied directly to organizational KPIs. Essential information security controls will be embedded into performance frameworks. This approach is intended to ensure continuous monitoring and effective implementation across government entities.
A key outcome of the initiative is the creation of a Federal CERT, or FCERT, under NCERT. The FCERT will operate in line with CERT Rules 2023. The FCERT will focus on information security across all government ministries, divisions, and organizations. Authorities may also raise a managed security service provider component within the FCERT to strengthen operational capabilities.
To ensure efficient execution, the NCICS will form tier-down committees with defined roles.
These include:
The HR committee will also examine post creation, redesignation, and recruitment rules linked to information security roles.
The Cabinet Division will act as the Secretariat for the NCICS. The committee will submit quarterly progress reports to the competent authority. These updates will also highlight operational challenges, if any.
With cyber risks rising across borders and sectors, the formation of the NCICS marks a coordinated federal push to harden Pakistan’s digital defenses and reduce exposure to hostile cyber activity.