Lebanese National Cyber Security Policy Guidelines
The office of the Minister of State for Administrative Reform (OMSAR) hosts websites of many government entities such as the Presidency of Council of Ministers (PCM), the Internal Security Forces (ISF), the Ministry of Defense (MOD), the Ministry of Justice (MOJ), the Ministry of Energy and Water (MOEW), the Ministry of Public Health (MOPH), the Ministry of Agriculture (MOA), the Ministry of Environment (MOE) among others. In addition, OMSAR hosts different applications used by the public sector employees.
In 2012 the Presidency of the Council of Ministers (PCM) formed a National Cyber Security committee by issuing decision number 32 dated 25/7/2012 to develop a national and common strategy for the protection of the Lebanese governmental websites with shared responsibility among the different stakeholders. The committee was composed of members from the PCM, OMSAR, the Ministry of Interior and Municipality (MOIM), the Ministry of Economy and Trade (MOET), the Ministry of Defense (MOD), the Ministry of Telecom (MOT) in addition to the Central Bank of Lebanon (BDL).
After several meetings, the committee concluded in its final report No. 287/S/2013 date 28/8/2013 with several recommendations. The second recommendation stipulated to: "Commission the ICT Security Officer in OMSAR to work on and prepare a minimum set of security policy guidelines that should be adopted and implemented in all public agencies. These policy guidelines were required to conform to the international security standards." Accordingly, OMSAR prepared a National Cyber Security Policy Guidelines document to be adopted and implemented in all Lebanese public agencies. The document is published on OMSAR's website and can be downloaded, referenced and adopted as a basis for creating secure data and information environment in the public administrations.
These guidelines allow each public agency to create its own Cyber Security Policies based on the latest international standards and specifications.
The National Cyber Security Policy Guidelines document is complemented by a Security Checklist available from the same link. This Checklist enables the public agencies to assess their cyber security situation and lets them use it as a starting point to build their own security policies.
It is worth noting that this policy guidelines document is based on the Lebanese Standards NL ISO 27001 and NL ISO 27002 as adopted from the International Standards ISO 27001 and ISO 27002 by the Lebanese Standards Institution (LIBNOR).
Furthermore, the document applies the essentials of the Certified Information Systems Security Professional (CISSP) certificate by quoting from Wiley-Sybex's publications on this subject.