Chairman FBR Inaugurates Security Operations Center to Counter Cyber Attacks

Building further on its ongoing drive for a digital FBR, Chairman FBR/Secretary Revenue Division, Mr.Asim Ahmad inaugurated SOC this morning at FBR Headquarters, Islamabad. SOC is a state-of-the-art center designed for prevention, detection, and incident response against cybersecurity attacks on the FBR IT network. This most modern digital intervention has been made operational round-the-clock (24x7x365). It is powered by the world’s leading automated solutions and tools for cybersecurity incident monitoring, inspection for malware and ransomware attacks, data backup/recovery solutions, software vulnerabilities scanning, IT infrastructure penetration testing, and performance monitoring. It is pertinent to mention that these multiple security controls have already been implemented at FBR with sophisticated firewalls, intrusion detection systems, security orchestration and response capability, email threats security, database security, web browser security, and end-user security awareness.

Dr. Ashfaq Ahmad Tunio, Member-IT FBR, and Sardar Umar, Secretary IT FBR, briefed the Chairman FBR about its key features and functions.  He informed that within a short span of 4-5 months, nine different world-class security technology solutions have been procured and implemented or are nearing implementation. This robust and high-tech defense-in-depth architecture is a watershed initiative that has inbuilt monitoring mechanisms within the SOC. This has significantly uplifted the security posture of the data and IT network of FBR, he further explained.

Mr. Kamran Meer, the Chief Information Security Officer(CISO)FBR further briefed that a roadmap has been created to implement various other security technology solutions in the coming months to attain a truly world-class posture for FBR in accordance with international best practices, within an overarching Information Security Governance, Risk and Compliance (GRC) framework. He also reiterated that the occurrence of cyber-attacks was a norm in heavily IT-enabled organizations such as FBR and the most effective approach to cyber defense was to establish a strong program where cyber risk assessments, risk mitigations, SOC operations, and rapid incident response were conducted in repetitive cycles 24x7x365 with oversight and support for resources provided by the highest levels of management.

While commending the outstanding work done by Member IT and his team, Chairman FBR appreciated the digital intervention as a much-needed facility to firewall the repository of high-value data of taxpayers. He expressed his unflinching resolve to further upgrade IT infrastructure of FBR in line with the global best practices. He also hoped that all the Field Formations of FBR will soon be connected with this centralized Security Operations Center(SOC) to implement a similar security regime in letter and spirit.