Amir Saeed

The government plans to deploy AI-driven threat detection systems to monitor and respond to cyberattacks on critical infrastructure, sensitive data, and digital operations in real time.

These systems aim to balance the transformative potential of AI with ethical, security, and societal risks that accompany its use, according to documents obtained by Wealth Pakistan. The documents outline a comprehensive approach to securing the national AI ecosystem, ensuring that AI serves the public good, protects freedom of information, safeguards individual rights, and aligns with national priorities.

A core element of this initiative is the development of AI-based cybersecurity solutions providing end-to-end protection across the lifecycle of AI systems. This includes AI-integrated security guidelines for development and deployment, real-time threat detection, and collaborative defense mechanisms for secure threat intelligence sharing.  The proposed systems will leverage advanced AI capabilities to counter evolving risks and attacks.

The AI-driven cybersecurity protocols will be strictly enforced, covering secure data storage and transmission, sandbox testing, and stakeholder feedback. These measures are designed to prevent, eliminate, and address vulnerabilities, ensuring human, environmental, and ecosystem safety. Transparency and human oversight are also emphasized, particularly for high-risk AI operations.

Human oversight mechanisms will be mandatory, and public sector AI systems will be disclosed in a public register. Lifecycle evaluations and impact assessments of high-impact AI systems will monitor compliance with evolving standards. Regular audits, supported by legal frameworks with penalties for non-compliance, will uphold ethical and security standards, while third-party auditors will assess AI decision-making and algorithmic accountability.

A national data security policy will define security levels, auditing standards, and training processes, complemented by a defense-in-depth strategy covering perimeter, network, host, application, and data layers. Additionally, a National Authority Trust and Identity Management Policy will enforce authentication for data service access, bolstering accountability for digital activities.

Identity and access management protocols, including multi-factor authentication and role-based controls, will adapt to the evolving threats. The documents further describe an open-source AI governance framework to regulate secure use of open-source AI, ensuring data security, controlled sharing, and collaborative innovation. Specialized protocols for AI systems will safeguard against unique vulnerabilities, and AI-powered simulations will anticipate new threats.

The AI Directorate and the Centre of Excellence in AI (CoE-AI) will address the challenges posed by Generative AI. Regulatory guidelines will mitigate disinformation, privacy violations, and fake news, while promoting indigenous research, startup engagement, and ethical use of data in academia. Compliance with intellectual property laws and content verification mechanisms will safeguard the creators’ rights.

Finally, regulatory sandboxes will facilitate agile legal harmonization and ethical testing, with at least 20 enterprises expected to benefit by 2027. These sandboxes will foster responsible and inclusive adoption of AI technologies across the country.

Credit: INP-WealthPk