Sania says Ehsaas will invite hackers to identify digital security vulnerabilities

Dec 30, 2020 – Islamabad: SAPM Dr. Sania Nishtar chaired the joint meeting of Risk Assurance and Management, and Audit Committees of BISP board, where a number of agenda items were discussed. Since Ehsaas’ operations are largely digital, it is critical to ensure that IT safety measures are in place; more than 100 steps have been taken to secure the IT system in that regard over the last 2 years, since she took over, Dr. Sania informed the committee members. “We will be organizing a hackers competition inviting ethical hackers to outline our vulnerabilities”, she said. Ehsaas will be the first public sector entity to implement a Vulnerability Disclosure Policy that is intended to give ethical hackers clear guidelines for submitting potentially unknown and harmful security vulnerabilities. The discussion of the Risk Committee mainly centered on internal and external audits, Ehsaas Risk Registry, Error Fraud and Corruption Framework, implementation of security safeguards within the organization and setting up of the Cyber Control Wing. Also, under observation were Ehsaas Governance and Integrity Policy and Observatory and how the organization was faring against 23 indicators of the policy and observatory to gauge the performance of BISP.