“There are known knowns; there are things we know we know. We also know there are known unknowns; that is to say, we know there are some things we do not know. But there are also unknown unknowns: the ones we don’t know we don’t know.”
I recall reading this quote from former U.S. Secretary of Defense, Donald Rumsfeld, almost a decade ago, when I was pursuing my Master’s in Information Security. We were learning how unsupervised machine learning can be applied for anomaly detection in network security. This quote just clicked. It captured something deeper than code: the reality that in cybersecurity, it’s not just the threats you know about that matter. It’s the ones you don’t even see coming: the unknown unknowns that can absolutely shake your systems. That idea has stuck with me ever since.
That’s exactly why the CTI Pakistan 2025 stood out. It wasn’t just another cybersecurity event. It was a powerful convergence of public and private sector leaders. The conversations, technical talks, and the expert panels all reflected a deep understanding of this very challenge: preparing not just for what we know, but for what we haven’t yet imagined.
Organized by Resecurity in collaboration with the Pakistan Information Security Association (PISA), Security Experts (Pvt) Limited, ISACA Islamabad Chapter, National CERT (PKCERT), and National Cybercrime Investigation Agency (NCCIA), the two-day event brought together cybersecurity professionals, policymakers, and technology leaders under one roof.
Day 1: Capture the Flag Challenge
The event kicked off with Capture the Flag (CTF) challenge that was far from your typical red-vs-blue skirmish.
In Round 1, participants were dropped into a simulated Smart City, complete with integrated municipal services and exposed web portals. This was followed by Round 2, which replicated a fully functional banking environment. The CTF tested real-world scenarios from web exploitation to cryptographic attacks, challenging even the most seasoned professionals.
With 10 hidden flags and layers of complexity, teams pushed hard to detect, defend, and disarm vulnerabilities. A massive shoutout to the participants, winners, and technical support teams from Resecurity and PISA for contributing to the challenge.
Day 2: Cybersecurity Leadership in Focus
The second day shifted gears with a full-day conference featuring expert panels, government stakeholders, and private sector leaders, all centered around threat intelligence sharing and national cyber resilience.
In my role representing HackerNoon, I had the privilege of attending and contributing to the discussions. It was inspiring to see the diversity of voices and alignment on one common goal: building a secure digital Pakistan.
Ammar Jaffri, the visionary behind Digital Pakistan, kicked off the opening session by setting the tone for the day: collaboration, innovation, and nation-first cybersecurity.
“To build a secure Digital Pakistan, we must move from reactive to proactive cybersecurity, fostering collaboration across public, private, and academic sectors. Cyber resilience isn’t just a technical goal; it’s a national priority. The Digital Pakistan Vision 2047 calls for a unified approach where intelligence sharing, local capacity building, and policy alignment go hand in hand to protect our digital future.”
—Ammar Jaffri, Former Additional DG FIA & Director General at Center of Information Technology ( CIT )
The Resecurity team delivered deeply technical and insightful talks on modern threat intelligence frameworks and AI-powered fraud detection. Taha Halabi and Ahmed Halabi stood out for their clear articulation of how real-time threat feeds and behavioral analytics can help preempt cyberattacks, particularly in sectors such as finance and critical infrastructure. Their sessions bridged global cybersecurity practices with practical, actionable solutions tailored to Pakistan’s digital ecosystem.
These talks were followed by an insightful keynote by Dr. Monis Akhlaq, Chief Information Security Officer at NADRA, which helped set the tone for the rest of the event. His address highlighted the critical role of cybersecurity in national data infrastructure, emphasizing the need for resilient systems, proactive threat intelligence, and a security-first mindset in public sector digital transformation.
Panel Highlights
Session 1: Critical Infrastructure Protection
Moderated by Ammar Jaffri, this session focused on global best practices in securing critical systems. Insights came from:
- Dr. Monis Akhlaq (CISO, NADRA)
- Jahanzeb Arshad (EVP, Nayatel)
- Tahir Jamil (Deputy Director General)
- Dr. Khurram (NESCOM)
- Ikram Barkat (DG PEMRA)
This powerhouse panel delved into the critical importance of cross-sector threat intelligence sharing and the integration of resilient IT and OT (Operational Technology) systems across essential services. Cyber threats are increasingly targeting critical infrastructure, including energy grids and telecommunications networks. The panel emphasized that true national cyber resilience requires seamless collaboration between government entities, private sector providers, and industrial control system operators. They emphasized the importance of adopting unified frameworks, real-time intelligence sharing, and robust incident response strategies to protect Pakistan’s most critical digital and physical assets.
Session 2: Smart Cities & Cyber Threats
Moderated by Dr. Hafeez, the panel included:
- Nargis Raza (Deputy Dir. NCCIA)
- Dr. Mazhar Ali (Associate Professor, COMSATS University)
- Mr. Raza Haider (Dir. CASS)
- Aamer Abbas (CEO, Wertec)
- Sidra Ijaz (Editor, HackerNoon)
Together, we explored the importance of securing critical infrastructure and citizen data in hyper-connected urban environments. A slight negligence can lead to disastrous consequences. As Nargis Raza, Deputy Dir. NCCIA pointed out:
“Imagine if a critical facility like a thermal power plant were compromised. The consequences could be devastating from equipment failures to catastrophic explosions and widespread power outages. These plants operate under strict parameters like temperature and pressure, and even a slight disruption can have dangerous ripple effects. For instance, if steam pressure builds up beyond the design limits, it could trigger an explosion, leading to massive structural damage and potential loss of life.”
I brought in an editor’s perspective on emerging cybersecurity trends in smart cities and shared how AI is playing a dual role, serving as both a powerful tool for strengthening cyber defenses and, at the same time, introducing new threats like deep fake attacks and adversarial attacks that require continuous vigilance and innovation to counter.
Session 3: Data Governance in Pakistan
Moderated by Hassan from NACTA, this panel discussed frameworks and technologies needed for data-driven governance.
Speakers included:
- Muhammad Akram (Dir. NCCIA)
- T.A. Bhutta (Cybersecurity Scholar)
- Tauqir Ahmed (Advisor, Strategic Analyst)
- Midhat Shahzad (Chief Secretary, AJK)
The message was clear: data governance is no longer optional, it’s the backbone of national security. Data is both a strategic asset and a high-value target; governments must establish robust policies, cross-agency coordination mechanisms, and secure infrastructure to manage data responsibly. Without proper governance, the risks range from misinformation and data breaches to compromised decision-making and national instability. As the panel emphasized, securing data isn’t just a technical concern; it’s a matter of public trust, digital sovereignty, and long-term resilience.
Later, T.A. Bhutta beautifully summed up the essence of the discussion:
“3 Cs: Cooperation, Coordination, Communication.
3 As: Accountability, Awareness, Accessibility.
And above all: Indigenous Development, Research, and Innovation.”
This serves as a reminder that building secure, data-driven governance systems requires not just technology but also trust, collaboration, and a strong foundation of local capability and knowledge, and it requires a group effort.
Book Launch: Spies in the Bits and Bytes
The day concluded with the launch of Spies in the Bits and Bytes: The Art of Cyber Threat Intelligence, authored by Dr. Atif Ali and Dr. Baber Majid Bhatti. Unveiled in the presence of Former Air Chief Marshal Sohail Aman, the book underscores the rising strategic importance of cyber defense in security. The event was wrapped up with Sohail Aman’s conversational and lighthearted keynote, leaving the audience inspired.
Final Thoughts
CTI 2025 was more than a cybersecurity conference. It was a national call to action. From policymakers to ethical hackers, from academia to enterprise leaders, everyone brought their A-game. Kudos again to Resecurity, PISA, PKCERT NCCIA, Security Experts, and many other contributors who made this landmark event possible. With this momentum, I’m optimistic about what’s ahead for Pakistan’s cyber future.
