SECP issues draft guidelines to secure companies’ data from cyber attacks

Published August 3, 2021
The SECP has said that ‘cloud’ offers a convenient, on demand access to a shared pool of resources such as servers, storage, and applications, over the internet. — Reuters/File
The SECP has said that ‘cloud’ offers a convenient, on demand access to a shared pool of resources such as servers, storage, and applications, over the internet. — Reuters/File

ISLAMABAD: The Securities and Exchange Commission of Pakistan (SECP) has issued draft cloud adoption guidelines for the registered companies to secure their sensitive and secretive data from cyber attacks and digital leakages

However, all the business entities have to ensure that the selected cloud service providers do not offer the services through their data centres located in any hostile country such as India, Israel, etc.

The guidelines provide an easy and efficient procedure for transition to cloud computing and the companies will be able to get a clear understanding of the risks and benefits involved in moving to cloud compared to traditional computing solutions.

The draft guidelines placed at the website of the SECP has been based on Pakistan Cloud First Policy (PCFP) 2021, and the National Cybersecurity Policy 2021 issued by Ministry of IT & Telecommunication. The commission has invited feedback on draft guidelines by Aug 13.

The SECP has highlighted that the ‘secret’ information of the businesses requires highest level of protection from serious threats, whose breach will likely cause threats to life or public security, financial losses, serious damage to public interests, etc.

The SECP has said that ‘cloud’ offers a convenient, on demand access to a shared pool of resources such as servers, storage, and applications, over the internet.

It has been suggested that there were several free cloud computing options also existed for emails, document management and even customer relations, etc.

At the same time the SECP has suggested the businesses to review services before deciding to buy them.

The SECP has said that building an information technology (IT) infrastructure can be complex and expensive for new and growing business entities, while limited resources, expertise, and time often constrains how much small and midsize enterprises are able to accomplish.

The corporate sector regulator has suggested that the cloud computing was a better option, which is a technological framework offering a convenient, on demand access to a shared pool of resources such as servers, storage, and applications, over the internet, and the users do not require their own controlled hardware or software.

These resources are maintained and provided by cloud service providers, and the user can get access to these resources over the internet by paying nominal charges to the cloud service providers. Every business uses the services of cloud according to their scale.

Published in Dawn, August 3rd, 2021

Opinion

Editorial

23 May, 2022

Defection rulings

By setting aside the existing law to prescribe their own solutions, the institutions haven't really solved the crisis at hand.
23 May, 2022

Spirit of the law

WOMEN’S right to inheritance is often galling for their male relatives in our patriarchal society. However, with...
23 May, 2022

Blaming others

BLAMING the nebulous ‘foreign hand’ for creating trouble within our borders is an age-old method used by the...
Updated 22 May, 2022

Back in the game?

WITH the new government struggling to make crucial decisions independently, Pakistan’s ‘parallel governance...
22 May, 2022

Currency concerns

IN the midst of the power struggle in the country, the rupee slid past 200 to a dollar in the interbank market last...
Updated 22 May, 2022

Shireen Mazari’s arrest

Abuse of power can never be condoned, regardless of who it targets or from where it emanates.