The Government of Pakistan’s National Cyber Emergency Response Team (nCERT) has set up a 24/7 National Cybersecurity Control Room at its headquarters in L-Block, Pak Secretariat, Islamabad, in response to growing digital threats. The initiative comes amid an increasingly sensitive security environment, where the risk of targeted cyberattacks on key government websites, official networks, and national digital systems has significantly increased.
The newly established facility will function as the central coordination hub for CyberSecurity operations across the country. According to an official notification, the control room will monitor, assess, and respond to cyber incidents nationwide, ensuring a unified and rapid reaction to any emerging threat.
All Internet Service Providers (ISPs), Sectoral CERTs, and Provincial CERTs have been directed to activate dedicated monitoring systems and maintain continuous surveillance of their networks and critical digital assets. They are also required to promptly report suspicious activities or confirmed breaches to nCERT to enable a coordinated CyberSecurity response.
The directive emphasizes strict coordination protocols previously implemented during major national events, which proved effective against hostile cyber actors. Key institutions—including the Ministry of Information Technology and Telecommunication, Pakistan Telecommunication Authority, National Information Technology Board, National Telecommunication Corporation, and provincial IT boards—have been instructed to nominate focal persons and provide updated contact details to nCERT by March 4, 2026. Dr. Muhammad Yousaf and Dr. Mujahid Shah have been appointed as national-level focal persons for incident management and coordination.
The notification also outlines National Baseline Security Guidelines to prevent phishing, defacement, credential leaks, data breaches, ransomware, and system vulnerabilities. Recommended CyberSecurity measures include implementing SPF, DKIM, and DMARC protocols, deploying web application firewalls, enforcing multi-factor authentication, encrypting sensitive data, enabling centralized logging systems, conducting regular vulnerability assessments, and maintaining secure offline backups.
Additionally, the advisory highlights the importance of business continuity planning, redundant internet connections, tested failover systems, and secure configuration management. The establishment of this control room demonstrates heightened CyberSecurity vigilance to safeguard Pakistan’s digital infrastructure during a critical period.
