Expert: Dr. Zunera Jaleel, Professor and Chair at the Department of Cybersecurity at Air University, Islamabad, and researcher at the National Cybercrimes and Forensics Lab
Dr. Zunera Jaleel shared her insights on the current cybersecurity landscape in Pakistan. With six years of experience in cybersecurity and artificial intelligence, Dr. Jaleel offers a unique perspective on the challenges and opportunities facing the nation.
According to Dr. Jaleel, ransomware attacks have been the most prevalent threat globally and in Pakistan for the past some years. The emergence of generative AI tools has further complicated the landscape, making it easier for attackers to commit crimes. Advanced Persistent Threats (APTs) and the use of AI in cybercrime are among the latest trends observed in Pakistan.
She highlighted several key challenges facing Pakistan’s cybersecurity efforts. These include a shortage of skilled human resources, a lack of indigenous cybersecurity products, and inadequate legislation. As Pakistan moves towards digitalization, the need to protect digital data becomes increasingly critical, particularly in sectors that serve as repositories for sensitive information about people, organizations, and processes.
The cybersecurity threat spectrum in Pakistan is wide-ranging and not limited to domestic actors. State-sponsored cyber criminals from around the world often target insecure data in Pakistan, exploiting the lack of cybersecurity policies and training in many organizations. As a result, compromised resources from Pakistan frequently appear on the dark web.
She emphasized that awareness is the most crucial factor in protecting against cyber threats. She mentioned her role as the director of the Pakistan awareness program, part of the National Computer Emergency Response Team’s (CERT) ABC program. While major banks and other organizations have their own awareness initiatives, Dr. Jaleel stressed the need for more widespread education.
Human-dependent threats, such as phishing attacks, SQL injection attacks, and clickjacking, remain significant concerns. She emphasized the importance of educating people about safe online practices, including which links to click, how to identify compromised websites, and what information to share on social media.
The government plays a crucial role in cybersecurity through legislation and its implementation. She noted that while law enforcement agencies are working within the existing legal framework, they face challenges such as a lack of human resources, physical resources, and IT infrastructure. She called for the implementation of existing policies, including the National Cybersecurity Policy, digitalization policy, and cloud policy.
Dr. Jaleel highlighted successful examples of public-private partnerships in Pakistan’s cybersecurity sector. She mentioned the National Aerospace Science and Technology Park (NASTP) as a promising initiative with locations in Karachi, Lahore, Kharia, Islamabad, and Cameroon. These collaborations between the public sector, private industry, and academia are working towards creating a more secure cyber infrastructure.
Looking ahead, she emphasized the need for Pakistan to prepare for an expanding vector of AI-generated crimes. She recommended developing comprehensive legislation, digital forensic frameworks, and investigation protocols to address these emerging threats. Additionally, she stressed the importance of reducing dependency on non-indigenous products and becoming self-reliant in both software and hardware.
Dr. Jaleel suggested implementing a national educational framework similar to the U.S. National Initiative for Cybersecurity Education (NICE), which builds cybersecurity awareness from the school level up. This approach would help create a cyber-secure workforce prepared to join various organizations, defense institutions, and labs.
In conclusion, Dr. Jaleel’s insights highlight the complex challenges facing Pakistan’s cybersecurity landscape. Her recommendations for increased awareness, public-private collaboration, indigenous product development, and forward-thinking policies provide a roadmap for strengthening the nation’s digital defenses in the years to come.