Islamabad, Sept 11, 2025 — In a decisive move to modernize its digital defenses, Pakistan has approved the Pakistan Security Standard (PSS), a comprehensive framework for cryptographic and IT security devices. Developed by PSQCA and endorsed by NTISB, the new standard replaces the outdated TM-27 model from 1994.
The PSS introduces mandatory protocols for the design, evaluation, and certification of encryption tools, firewalls, intrusion detection systems, secure operating systems, and anti-malware solutions. Evaluations will be conducted by accredited labs under NTISB’s oversight, targeting vulnerabilities such as backdoors and trojans.
Aligned with global benchmarks like FIPS 140-2 and EU Common Criteria, the PSS is tailored to Pakistan’s operational needs. A five-year phased rollout will culminate in mandatory compliance by June 2028. Until then, international certifications may be provisionally accepted.
Government agencies, telecom operators, banks, and private firms handling sensitive data must prepare for PSS-compliant procurement and replacement strategies. The framework aims to safeguard critical infrastructure against rising cyber threats and ensure robust protection across national IT systems.
NTISB will serve as the certification authority, supported by NASCEL-accredited facilities, marking a pivotal step toward cybersecurity resilience and national sovereignty in the digital age.