Last Updated on July 30, 2020
Nepal Telecommunication Authority (NTA), the Telecommunication regulatory body of Nepal, sent a directive to all the Telecom and ISPs to mandatorily conduct a security audit regularly. They are also required to submit the audit report to NTA.
Inclination towards digital transactions has invited unfortunate events. The most recent news that we heard was the server hack of Nepal Telecom. Even we can somewhat guess how weak our cybersecurity system is. With increasing risks and threats to the cyberworld, NTA directed Telecom and ISPs to inspect and evaluate the security of their system in a security audit.
Read NTA directs ISPs to provide internet speed test details to customers
The role of security audits in cybersecurity
In the counter of potential cybercrime, a risk-prevention strategy is essential. For that, NTA can start with a fundamental step of cybersecurity, and that is a security audit.
A security audit is a systematic process to identify loopholes and deficiencies that threaten the cybersecurity of the company. A regular assessment and evaluation of the security policy help to know if it matches the required standards of security policy or not.
We can have an in-depth analysis of the Telecom and ISP’s network and operating system through security audits. It will enable us to realize potential and existing breach, prevent it, and improve company image.
Why is the provision of a security audit necessary?
As of today, this provision by NTA is necessary to address the increasing risks of hacking and data breach. The public needs assurance that their data is protected. Telecom and ISPs should gain the trust of their customers by proving that their system is secure and reliable.
The security audit will give a sense of safety and dependability to the public towards the company. Identifying risks and threats in the company’s security system will allow the company to update its network security and prevent the risk of hacks and data breaches in the future. As a measure to uptight the cybersecurity and avoid unfortunate events, NTA came forward with this provision.
Law concerns
The incompetence of the service provider in performing a regular security audit has a consequence. They will face actions as per the Telecommunications Act 2053, and the service provider will be liable for a fine of up to Rs 50,000. Also, the service provider has to compensate for the loss and damage caused by non-compliance with the instructions.
Read: NTA prohibits selling more than two SIM cards
Conclusion
NTA’s directive for Telecom and ISPs to carry out regular security audit has several benefits to strengthen Nepal’s cybersecurity. It ensures data protection as well as a secure and reliable network. The security audit will play a prominent role to keep the firewall up to date and to reduce the risk of cybercrime in the future.
Tell us if you’re satisfied with this provision of NTA or not in the comment section below.
