November 25, 2008

PTA initiates development of ICT Security Framework

chairman pta chairing a meeting of expert group

 

Islamabad: Pakistan Telecommunication Authority (PTA) organized an Expert Group Forum meeting on â??Information Security Guidelines for the Government of Pakistanâ?today with the aspiration to setup comprehensive, pragmatic and implementable security guidelines that could be followed to ensure that countryâ??s national asset and information, does not reach unauthorized personnel. These guidelines would not only prevent information loss, but would also detect and identify such incidents as and when they happen. The session was presided over by Dr. Mohammed Yaseen, Chairman PTA and was well attended by Security Experts from various Cellular Operators, Software Houses and Information Communication Technology (ICT) equipment manufacturers. The initial Terms of Reference (ToR) were prepared by ICT Directorate of PTA and were circulated to all the Information Communication Security (ICS) Group members to share their invaluable input and expertise on the subject matter.

The Chairman PTA, Dr. Mohammed Yaseen said that the field of Information Security has grown and evolved significantly in recent years. Governments and organizations today; have a critical task of securing their data and information from internal and external threats. He said that loss of such information may lead to problems, including but not limited to; lack of productivity, competitive disadvantage and national security concerns. Nations across the globe are fostering their efforts for the formulation of National Information Security policies and PTA also believes that in view of the ever changing global ICT scenario; modalities for securing National data from unauthorized access and misuse would be step in the right direction.

Chairman said that PTA intends to establish working coordination with ICT Industry in order to discuss and scrutinize potential security threats faced by information and communication networks of the country. In this regard PTA has formulated an expert group forum on â??Information and Communication Securityâ?? to carry out extensive discussion and exchange information with respect to information security issues in the country.

He apprised the audience that â??Information Security Guidelinesâ? for the Government of Pakistan were bifurcated to cater for three types of information users namely The Government Organizations, The Telecom Industry and The End User. Each Information user guidelines were to be based upon metrics such as International Best Practices, Government Information Security Policy, ICT Infrastructure Security Guidelines, Physical Security Guidelines and Departmental Security Plan/Policy.

Other issues highlighted in the meeting include Assessment of ICT assets, Impact of Distributed ICT assets environment, Security guidelines for physical access to assets, Backup strategy guidelines, Disaster recovery guidelines, Access Control Guidelines, Integration with ICT Infrastructure Security Guidelines, Security training and capacity building of Personnel, Prevention and detection system guidelines, Hierarchy and escalation paths, Analysis of Information Security Policies of select countries with respect to their telecom infrastructure, Analysis of Applications in Pakistan and Technology Updates and guidelines for inclusion of future technological changes.

The meeting was concluded with a joint note that PTA would call papers from eligible and experienced firms to identify security threats as well as preventive measure that these information users can take to ensure that the data they possess is safe and secure.

 

Khurram Ali Mehran

Deputy Director (PR)