In a landmark move to enhance national cybersecurity, the federal government has made the adoption of Pakistan Security Standards (PSS) mandatory for all public and private organizations. The new policy, issued by the National Cyber Emergency Response Team (National CERT), aims to establish a unified cybersecurity and cryptographic framework across the country.
According to Statutory Notification S.R.O. 762(I)/2023, full implementation of the Pakistan Security Standards will take effect from June 1, 2028. After that date, it will be illegal to manufacture, sell, or store any cybersecurity product without PSS compliance. The regulation brings Pakistan in line with international benchmarks such as the US Federal Information Processing Standards (FIPS 140) and ISO 15408 (Common Criteria).
The defense sector faces an accelerated timeline, with the National Technical Information Security Board (NTISB) mandating full compliance by December 2025 for all new procurements. The initiative marks a critical step toward achieving national cryptographic assurance and securing Pakistan’s defense supply chain.
The Pakistan Security Standards aim to ensure the confidentiality, integrity, and availability of national ICT systems while reducing cyber risks in sensitive sectors including defense, banking, energy, and telecommunications. National CERT emphasized that early compliance will safeguard operations and enhance Pakistan’s cyber resilience.
Vendors Told to Begin PSS Certification
To ensure readiness, the agency has instructed all vendors, developers, and industry partners to begin the certification process immediately. Products that fail to meet the Pakistan Security Standards will be banned from government and defense procurement in the future.
Key recommendations outlined by the nCERT include proactive evaluation of security products, vendor coordination for compliance, integration of PSS requirements in procurement policies, and awareness programs to educate the tech industry about certification processes.
Cybersecurity experts see the enforcement of the Pakistan Security Standards as a major step toward digital sovereignty, reducing reliance on foreign certifications, and establishing Pakistan as a credible cybersecurity hub. Officials believe the move will attract investor confidence, secure e-governance platforms, and strengthen Pakistan’s position in global digital cooperation.
National CERT has also called for greater collaboration between public and private sectors, highlighting that the Pakistan Security Standards form the foundation for the country’s cyber resilience and defense readiness in an increasingly digital future.