State Bank of Pakistan (SBP) Governor Jameel Ahmad on Friday warned that the cyber threat landscape facing the financial sector has grown increasingly complex, driven by highly skilled and well-resourced threat actors and compounded by rising geopolitical tensions.
Read More: SBP cancels license of exchange company on regulatory violations
Speaking at a ceremony marking the completion of Pakistan’s first industry-wide cybersecurity drills for the banking sector, the SBP governor said a domestic shortage of skilled cybersecurity professionals was limiting the ability of financial institutions to effectively safeguard their systems against evolving cyber threats.
1/2 #SBP upholds international best practices to ensure cybersecurity in the financial industry; says Governor SBP Jameel Ahmad during his address at the closing ceremony of Pakistan’s First Banking Industry-Wide Cyber Drill. pic.twitter.com/A8EDrSCFpK
— SBP (@StateBank_Pak) January 23, 2026
He noted that rapid technological adoption, innovation and the growing interconnectedness of the financial system have introduced new risks and vulnerabilities, making cyber resilience a critical priority for regulators and market participants alike.
To address these challenges, the SBP will soon issue a comprehensive Cyber Resilience Strategy for regulated entities, titled Cyber Shield 2025–30. The strategy is intended to provide a clear roadmap to strengthen the banking sector’s ability to identify, protect against, withstand and recover from cyber incidents.
According to the governor, the strategy will be built on key pillars, including strengthening cyber resilience frameworks, improving cybersecurity governance, enhancing collaboration and partnerships, developing a skilled cyber workforce, and ensuring the continuous evolution of cybersecurity programmes.
He said financial institutions have already made notable investments in building capability, coordination and crisis preparedness, qualities that are now essential to maintaining financial stability in an era of persistent and sophisticated cyber threats. In today’s environment, he added, cyber resilience is not measured by the absence of attacks but by how effectively institutions respond to them.
The SBP governor stressed that cyber risk has emerged as a systemic threat with direct implications for financial stability, public confidence and economic growth, rather than being limited to IT systems or operational disruptions.
Read More: SBP injects Rs 2.2tr to maintain liquidity in market
He emphasised that cyber resilience cannot be achieved in isolation and requires collective preparedness, transparent information sharing and trust between regulators and regulated institutions. Initiatives such as the nationwide cybersecurity drills, he said, demonstrate Pakistan’s commitment to aligning its financial system with international best practices.