Document from CIS Legislation database © 2003-2024 SojuzPravoInform LLC

RESOLUTION OF THE CABINET OF MINISTERS OF UKRAINE

of December 29, 2021 No. 1426

About approval of the Regulations on organizational and technical model of cyberprotection

According to part three of article 8 of the Law of Ukraine "About the basic principles of ensuring cyber security of Ukraine" and for the purpose of ensuring functioning of national system of cyber security the Cabinet of Ministers of Ukraine decides:

Approve Regulations on organizational and technical model of cyberprotection which are applied.

Prime Minister of Ukraine

D. Shmygal

Approved by the Resolution of the Cabinet of Ministers of Ukraine of December 29, 2021 No. 1426

Regulations on organizational and technical model of cyberprotection

1. This Provision determines the mechanism of functioning of organizational and technical model of cyberprotection.

The organizational and technical model of cyberprotection is complex of actions, forces and the funds of cyberprotection allocated for rapid (crisis) response to cyber attacks and cyberincidents, implementation of the counter-measures directed to minimization of vulnerability of communication systems.

The organizational and technical model of cyberprotection consists of organizational and managing, technological and basic infrastructure of cyberprotection and takes root for ensuring functioning of national system of cyber security.

2. In this Provision terms are used in such value:

basic infrastructure of cyberprotection - organized set of objects of critical information infrastructure, communication and technological systems of the companies, organizations and organizations relating to objects of critical infrastructure and also the subjects of managing, citizens and their associations, other persons performing activities and/or rendering services in spheres of electronic communications, electronic commerce, development of national electronic resource, information security and cyber security;

cyberhygiene - the abilities, skills of use of information technologies directed to implementation of actions for timely identification, the prevention and neutralization of real and potential cyberthreats;

teams of response to computer extraordinary events - groups of specialists in cyber security who will be formed for the purpose of ensuring cyberprotection of communication, information and/or technological systems;

organizational and managing infrastructure of cyberprotection - organized set of subjects of ensuring cyber security which create and/or realize state policy in the field of cyber security, determining procedures and mechanisms of cyberprotection, organization-legal bases of interaction between forces of cyberprotection and other subjects of ensuring cyber security;

technological infrastructure of cyberprotection - organized set of forces and means of cyberprotection, the infrastructure facilities providing functioning of forces of cyberprotection, the information and telecommunication networks and their resources used for the benefit of cyberprotection forces;

cyberprotection forces - government team of response to computer extraordinary events of Ukraine CERT-UA, other teams of response to computer extraordinary events, divisions (groups, teams, services) information security, the company, organization and the organization, irrespective of pattern of ownership, the services performing activities and/or rendering connected with cyberprotection.

Other terms are used in the value given in the Laws of Ukraine "About the basic principles of ensuring cyber security of Ukraine", "About homeland security of Ukraine", "About information security in information and telecommunication systems", "About electronic confidential services".

3. Functioning of organizational and technical model of cyberprotection is provided in the way:

forming and realization of state policy in the field of cyber security, including taking into account experience of EU member states and NATO;

coordination of subjects of cyberprotection during implementation of actions for ensuring cyber security of objects of critical information infrastructure and national electronic information resource;

cybernetic protection of the information and telecommunication systems processing national electronic information resource, communication systems and objects of critical information infrastructure, their cyberfirmness, implementation of constant control behind condition of their cyberprotection;

developments of response system on cyberthreats;

developments of forces of cyberprotection and system of their coordination;

creations of risk management systems of information security on objects of critical infrastructure;

forming and developments of capabilities of subjects of ensuring cyber security;

creations of conditions for safe functioning of information infrastructure of state bodies, local government bodies, military forming formed according to the law, the companies, organizations and the organizations irrespective of pattern of ownership;

creations of conditions for development of state-private interaction in the field of cyber security;

developments of system of personnel, material and expert and analytical ensuring forces of cyberprotection;

development and continuous improvement of systems of cyberprotection of objects of critical infrastructure taking into account the results of assessment of completeness, adequacy, effectiveness and process performance which are carried out within implementation of information security system on objects of critical infrastructure.

4. Means of cyberprotection which are used for implementation of organizational and technical model of cyberprotection are systems of detection of vulnerabilities and response to cyberincidents and cyber attacks, information technologies, technical and software (devices, the equipment, complexes) which are used for the benefit of ensuring cyberprotection of national electronic information resource, communication and technological systems, and also objects of critical information infrastructure.

5. Measures for cyberprotection which are performed in the course of implementation of organizational and technical model of cyberprotection are organizational, legal, technical measures, measures for cryptographic and technical information security which are carried out by forces of cyberprotection and ensuring proportionality and/or proportionality of measures to real and potential risks are based on the principles of the personal responsibility for own actions and collective responsibility for safety of everyone.

Warning!!!

This is not a full text of document! Document shown in Demo mode!

If you have active License, please Login, or get License for Full Access.

With Full access you can get: full text of document, original text of document in Russian, attachments (if exist) and see History and Statistics of your work.

Get License for Full Access Now

Disclaimer! This text was translated by AI translator and is not a valid juridical document. No warranty. No claim. More info

Effectively work with search system

Database include more 50000 documents. You can find needed documents using search system. For effective work you can mix any on documents parameters: country, documents type, date range, teams or tags.
More about search system

Get help

If you cannot find the required document, or you do not know where to begin, go to Help section.

In this section, we’ve tried to describe in detail the features and capabilities of the system, as well as the most effective techniques for working with the database.

You also may open the section Frequently asked questions. This section provides answers to questions set by users.

Search engine created by SoyuzPravoInform LLC.