ISLAMABAD: Pakistan is preparing a Cyber Security Act and a dedicated regulatory authority to strengthen defenses against rising digital threats as the country rapidly digitizes government services and economic systems, IT Minister Shaza Fatima said while addressing a ceremony in the federal capital on Wednesday.

The planned legislation is part of Islamabad’s broader “Digital Nation Pakistan” initiative, which aims to expand e-governance, a cashless economy and online public services while safeguarding national cyber infrastructure.

“The more we move toward digitization, with the kind of opportunities that are opening up for us, it is also bringing an equal, or even greater, set of challenges,” the minister said. “This does not mean that we stop digitization. It means that we must make our cybersecurity systems robust.”

She said Pakistan had already activated its National Computer Emergency Response Team (CERT) and provincial CERTs to detect and respond to cyber incidents, while a multi-agency digital monitoring framework known as the National Threat Intelligence System (NTIS) operates around the clock.

“We have a Cyber Security Act coming up, under which a Cyber Security Authority will be established.”

The minister said cybersecurity was not a “generic” concept and required multiple technical specializations as well as comprehensive monitoring and regulation. She warned that the rapid expansion of data-driven technologies was creating new risks even as it opened opportunities in areas such as health and biotechnology.

Referring to advances in genomics and precision medicine, she said the same technologies that help treat diseases could also pose security risks if sensitive biological data were misused. She warned that access to large-scale genetic data could potentially allow hostile actors to develop targeted viruses or other biological threats against populations.

The minister also highlighted Pakistan’s cyber defense capabilities, saying government and military systems remained secure during last year's war with India despite sustained cyber warfare attempts.

She said multiple institutions, including the IT ministry, the National Telecommunication Corporation (NTC), national cybersecurity teams and the armed forces’ cyber command structures, worked together to defend critical systems.

“Despite that massive war ... we did not face a single communication breakdown and we did not allow any penetration into our government systems,” she said, adding that the experience demonstrated the need to further strengthen cybersecurity coordination across institutions.