The government has adopted a cyber-security declaration 2017 asking organisations to develop actionable cyber security roadmaps to be approved and monitored by the top management.
The declarations signed by State Minister for ICT Zunaid Ahmed Palak released on Thursday has been prepared and adopted at the end of the international cyber security conference that was held in Dhaka on March 9 with participation of international cyber security experts and representatives of local and foreign technologists, cyber security giants and diplomats.
The declaration said that the cyber organisations would have to update their org-charts identifying role, responsible for cyber secured operations of the organisations, entrusted with clear mandate, responsibilities and budget.
Putting emphasis on ensuring more robust cyber security in the respective organisation, the declaration said the cyber security-conscious organisations are to ensure that the member of staff appointed to cyber security role will report directly to the top management.
The declaration said the nature and scope of cyber threats dictate that sustainable security of operations cannot be ensured by technology alone.
Organisations must embrace cyber security as they are embracing computerisation, digitisation and online operations, the declaration said, adding that the management must own cyber security and act without delay.
The declaration categorically said that every organisations bear full responsibility for its own cyber security and of other government or other organisations may assist in this matter.
The more important digital assets like personal/identity data of population, property rights records, the organisation manages, the more robust cyber security must be ensured in that organisation, the declaration said.
It added that national organisations like Computer Emergency Response Team (CERT) can address only specific national threats and they are not expected to ensure operations at individual organisation level.