The Securities and Exchange Commission of Pakistan (SECP) has issued a cybersecurity advisory, urging all companies to immediately strengthen their cybersecurity measures in response to heightened geopolitical tensions and an increasingly complex threat landscape.
The statement was issued at a time when security sources have revealed details of a major cyber counter-offensive by Pakistan—Operation Bunyanum Marsoos—launched in response to Indian aggression. The operation targeted key infrastructure sectors across India.
The operation inflicted significant disruptions across multiple Indian domains, including power infrastructure and petroleum systems, while also causing severe damage to Indian communications by disabling official government emails and the OTP infrastructure.
The advisory, published on the SECP website, has been issued under Section 40(B) of the SECP Act. It warned that failure to address emerging cyber risks could lead to operational disruptions, data breaches, financial losses, and reputational damage.
Read more: Security sources reveal details of Pakistan's massive cyberattack against India
The regulator outlined several immediate cybersecurity recommendations for companies, including the implementation of multi-factor authentication, restricted access controls, employee training on phishing and fake communications, and regular vulnerability assessments.
Other key measures advised include maintaining offline data backups, updating antivirus and firewall protections, hardening devices and systems by patching known vulnerabilities, and forming internal incident response teams.
While emphasizing coordination and incident preparedness, the SECP also advised companies to establish internal incident response teams, regularly consult national Computer Emergency Response Team (CERT) advisories, and coordinate with relevant cybersecurity bodies for intelligence sharing and timely threat detection.
“Proactive cybersecurity steps are essential to safeguard Pakistan’s financial and information infrastructure,” the Commission stated, urging firms to maintain close communication with the SECP on implementation progress.
COMMENTS
Comments are moderated and generally will be posted if they are on-topic and not abusive.
For more information, please see our Comments FAQ