In late 2001, after the establishment of the interim government, Afghanistan stepped into new horizons of political and socio-economic rehabilitation and reconstruction. The subsequent transitional and the elected Afghan government introduced new legislations which assisted private companies to make investments in the country and provide various services including telecommunications and ICT services for the people of Afghanistan. The Ministry of Communications and Information Technology (MCIT) was the first among the sectoral government entities in Afghanistan to design new strategies and policies, enabling private sector to make huge investment in the telecommunication and IT sectors.
In 2009, MCIT established the first Cyber Emergency Response Team (CERT) in Afghanistan and it was officially named as AFCERT. The mandate of AFCERT was to fight against cyber threats and crimes and provide awareness and solutions on cyber security to the government and private sector. In its first two years of operation, AFCERT submitted an official report to the MCIT senior management regarding an upsurge in the cyber and electronic crimes in the country. In order to fight the said crimes, it was vital to conduct a risk assessment of all government ICT infrastructures and come up with a solution to mitigate those risks. AFCERT’s proposal on preparing a draft of Cyber Security Strategy for the country was accepted by the MCIT and ICT Council and to this end the MCIT and ICT Council established a committee.
In 2012 the first awareness workshop on drafting the NCSA was held in ICTI Institute, supported and funded by the US Department of Commerce. It was a 4 day workshop and all government CIOs, ICT heads, private sector and academia participated and studied and analyzed various strategies from different countries.
The NCSA committee was chaired by Information Systems Security Directorate of MCIT and held its regular meetings and assessments for one year. After a series of assessments and recommendations, the NCSA committee finalized and submitted the first draft of the strategy in July 2014 to the MCIT and ICT Council to review and adapt its action plan.