The National Cyber Security Framework for the telecom sector has set three compliance targets and maturity levels based on the complexity of the controls.
Pakistan Telecommunication Authority (PTA) has formulated a “Cyber Security Framework” which is based on the Critical Telecom Data and Infrastructure the Cyber Security Regulation (CTDISR) and defines the obligation for auditors and PTA’s licensees Pakistan Telecommunication Authority (PTA or the Authority) issued the Statutory Notification on September 8, 2020, having reference S.R.O. 1226(I)/2020. In exercise of the powers conferred by Clause, (o) of sub-section (2) of Section 5 of the Pakistan Telecommunication (Re-organization) Act, 1996 (XVII of 1996),
The PTA has announced the Critical Telecom Data and Infrastructure Security Regulations (CTDISR) 2020 that need to be complied with by all PTA Licensees. After the introduction of the CTDISR 2020, PTA has instructed all licensees to have a third-party review of the CTDISR measures from approved auditors and submit the report to the Authority.
The framework has set three compliance targets which are given below:
Control Level 1 (CL1): CL1 includes basic security requirements and controls.
Control Level 2 (CL2): CL2 includes advanced security requirements and controls in addition to the existing requirements within CL1.
Control Level 3 (CL3): CL3 includes requirements and security controls that are more focused on continuous monitoring and continuous process improvements to controls/requirements defined in CL1 and CL2 to achieve compliance with a higher level, compliance with all preceding levels is required.
Source: This news is originally published by propakistani