A Study of Cybersecurity Frameworks in Organizations of Pakistan

Authors

  • Syed Muhammad Irfan Department of Criminology, University of Karachi Author
  • Dr. Naima Saeed Chairperson Department of Criminology, University of Karachi Author

DOI:

https://doi.org/10.63056/

Keywords:

Cybersecurity Frameworks, Thematic Analysis, NIST, ISO 27001, COBIT 2019, Organizational Compliance, Cybersecurity policy, Situational Crime Prevention Theory, Control Theory, Routine Activity Theory

Abstract

This study examines the adoption and the effectiveness of cybersecurity frameworks within various organizational types in Pakistan. Even though the importance of the protective and securing digital assets and the role of these cybersecurity frameworks cannot be overstated, the adoption and implementation in developing countries remains significantly under discussed. In this research, studies the adoption of cybersecurity frameworks such as ISO 27001, NIST, etc and aims to close the gap. It also examines the effectiveness of frameworks regarding the issues of mitigating cyber threats and employee adherence to the organization's cybersecurity policies. The researcher used qualitative methodology and conducted semi-structured interviews. The participants are cybersecurity professionals and information technology (IT) experts. There are Eight key sectors covered for the collection of data. Thematic analysis used for the interpretation of data findings analysis. The Situational Crime Prevention Theory, Control Theory, and Routine Activity Theory are used as the analytical frameworks. The findings of the research revealed a stark difference to which the regulated and unregulated sectors are implementing cybersecurity frameworks in their respective organizations. This study addresses the need for flexible tailored cyber security frameworks by regulatory authorities like OGRA, SECP and PTA, etc. The study concludes that Pakistan’s organizations are not ready to face the cyber security challenges and securing sensitive and critical information. The enforcement for cyber security programs in organization from regulating authorities is a dire need of time. Organizations across every sector need to adopt cybersecurity frameworks that fit to their organization’s needs. The tailored global cybersecurity frameworks that suit the specific threat landscape, resource realities, and socio-cultural context can also be an effective approach to build genuine cyber resilience.

Downloads

Published

2025-11-05

Issue

Vol. 4 No. 4 (2025): ACADEMIA International Journal for Social Sciences

Section

Articles

License

Copyright (c) 2025 Syed Muhammad Irfan, Dr. Naima Saeed (Author)

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite

Irfan, S. M. ., & Saeed, D. N. . (2025). A Study of Cybersecurity Frameworks in Organizations of Pakistan. ACADEMIA International Journal for Social Sciences, 4(4), 1803-1824. https://doi.org/10.63056/

Similar Articles

1-10 of 608

You may also start an advanced similarity search for this article.