CYBERSPACE and social media are significant aspects of hybrid warfare in the twenty-first century. Like many other developed and developing countries, Pakistan is a target of offensive actions carried out by a potential aggressor against its national security. Pakistan didn’t have a cyber security policy until 2021, despite having more than 80 million active users who are directly linked to the internet. The rise of automation due to information technology has made “cube security” increasingly important, with privacy, data quality, and availability being the key tenets. Pakistan’s 2021 Cyber Security Policy demonstrates that the country’s decision-makers and experts recognize the significance of cube security in the cyber domain. The policy covers all major aspects of cube security and includes an implementation framework to achieve desired outcomes. The lack of resources to implement the Cyber Security Policy 2021 and a weak institutional framework are the main obstacles in achieving the desired outcomes. Pakistan’s fragile economy further aggravates the situation, as strong economies and institutions are crucial for a nation’s prosperity. Despite having formulated the policy, Pakistan’s implementation is behind schedule, and the lack of resources and unstable economic conditions further hamper progress. The 2021 Cyber Security Policy reveals the failures in addressing the increasing cyber-attacks in Pakistan. The prime minister’s office is considered the most accountable body in the state, and if its security is compromised, confidential data related to governing issues can be leaked on social media, causing chaos among the public. This poses a serious security challenge for the state. Pakistan has a hesitant approach to cyber security due to a lack of awareness and understanding of the threat. Many Pakistanis are not taking the necessary precautions to protect themselves, and the country’s enemies exploit weaknesses in its social media infrastructure for political gain. To address these challenges, Pakistan should consider the following recommendations: Pakistan needs to act quickly to combat the new threat of cyber-attacks. Although it has taken initiatives to contain the situation, it must invest in its cyber army to compete with adversaries who have been active in this field for a long time. The country must act swiftly to address the challenge posed by cyber threats. Pakistan has been slow to react to the growing threat of cyber warfare and social media manipulation, leaving it susceptible to various cyber-attacks. To address this challenge, more funding should be allocated to the military and government, as the cyber domain is now becoming a new battlefront between India and Pakistan. Pakistan’s strategy and spending in this area need to change, and the government must make significant investments in cyber security resources to handle the new dynamics. Pakistan should develop an effective social media army to counter misinformation and propaganda. The government can use delaying strategies to gain control over the social media environment within its sphere of influence, despite constrained finances and resources. Neutralizing strategies, such as counter-narrative campaigns supported by substantial background evidence, can help the government maintain strict control over the situation. Pakistan, like many other countries, faces a growing threat from cyber-attacks, and there is a need for the government and private sector to take cyber security seriously. Here are some recommendations for improving cyber security in Pakistan: Develop a Comprehensive National Cyber Security Strategy: Pakistan should develop a comprehensive national cyber security strategy that outlines the country’s cyber security goals, objectives, and priorities. This strategy should also include a clear plan for developing and implementing cyber security policies and standards, as well as the necessary funding and resources to support these efforts. Increase Awareness and Education: The government and private sector should work together to increase awareness and education about cyber security. This can include offering training programs for employees, providing public awareness campaigns, and working with schools and universities to promote cybersecurity education. Strengthen Public-Private Partnerships: The government and private sector should strengthen their partnerships to share information and coordinate efforts to prevent and respond to cyber-attacks. This can include establishing a joint cyber security task force, developing a public-private cyber security information sharing program, and collaborating on cyber security research and development. Enhance Cybersecurity Infrastructure: The government should invest in cyber security infrastructure to protect critical infrastructure, such as energy and transportation systems, as well as government networks and databases. This can include deploying advanced firewalls, intrusion detection and prevention systems, and other cyber security technologies. Develop Cyber Incident Response Plans: The government and private sector should develop cyber incident response plans to quickly and effectively respond to cyber attacks. This can include developing protocols for reporting cyber incidents, establishing a cyber-emergency response team, and conducting regular cyber security exercises. Regulate and Monitor Cyber Security Practices: The government should establish regulations and standards for cyber security practices in both the public and private sectors. It should also establish mechanisms to monitor compliance with these regulations and standards, such as regular audits and inspections. Increase International Cooperation: The government should work with international organizations and other countries to share best practices and coordinate efforts to prevent and respond to cyber-attacks. This can include participating in international cyber security conferences, sharing threat intelligence, and collaborating on cyber security research and development.