KARACHI: Pakistan’s central bank on Monday launched a nationwide cyber resilience framework aimed at strengthening the security of banks and financial institutions against growing cyber threats and protecting customers’ access to financial services.
Pakistan has seen rapid growth in digital payments, branchless banking and mobile wallets in recent years as authorities promote financial inclusion and electronic transactions. The expansion has improved access to banking services but has also increased exposure to cyber risks, prompting regulators to introduce stronger protections for financial infrastructure.
Central banks globally have introduced cyber resilience frameworks following a rise in ransomware attacks, system intrusions and payment disruptions, which can threaten financial stability and consumer confidence. Pakistan’s regulator has similarly been expanding supervisory requirements to support digital innovation while safeguarding customers.
“As part of its Vision 2028 agenda, the SBP today announced the launch of ‘Cyber Shield – the Cyber Resilience Strategy for Regulated Entities’, a major initiative aimed at strengthening the safety and robustness of the country’s banking and financial system,” the central bank said in a statement.
The strategy aims to protect banks and financial institutions from cyber threats and ensure that individuals and businesses can continue accessing financial services without disruption. It outlines measures to strengthen internal controls, improve preparedness for cyber incidents and enable faster recovery if attacks occur.
According to the central bank, the framework sets a roadmap for financial institutions to enhance their systems, prevent cyber incidents and respond quickly when threats materialize. It also emphasizes cooperation and information-sharing across the sector as cyber risks become more sophisticated.
The SBP said the initiative adopts a forward-looking approach to cybersecurity across regulated entities. It focuses on strengthening resilience against cyber incidents, improving governance and accountability, building skilled cyber talent and continuously updating security practices to keep pace with evolving risks.











