Document from CIS Legislation database © 2003-2024 SojuzPravoInform LLC

RESOLUTION OF THE PRESIDENT OF THE REPUBLIC OF UZBEKISTAN

of May 31, 2023 No. PP-167

About additional measures for enhancement of system of ensuring cyber security of objects of critical information infrastructure of the Republic of Uzbekistan

(Extraction)

According to the Law of the Republic of Uzbekistan "About cyber security", the Presidential decree of the Republic of Uzbekistan of June 15, 2020 No. UP-6007 "About Measures for Implementation of the State System of Information System Protection and Resources of the Republic of Uzbekistan" and the resolution of June 15, 2020 No. PP-4751 "About additional measures for further enhancement of system of ensuring cyber security in the Republic of Uzbekistan" and for the purpose of the effective organization of implementation of single state policy for ensuring cyber security of objects of critical information infrastructure of the Republic of Uzbekistan:

1. Approve:

Regulations on procedure for ensuring cyber security of objects of critical information infrastructure of the Republic of Uzbekistan, according to appendix No. 1;

General requirements of cyber security of objects of critical information infrastructure of the Republic of Uzbekistan, according to appendix No. 2.

2. Determine that the Service of state security of the Republic of Uzbekistan (further - authorized state body) observes degree of security of cyber security of objects of critical information infrastructure (further - KII), develops procedure for their assessment and monitoring, together with Inspectorate for control in the field of informatization and telecommunications under the Ministry of digital technologies of the Republic of Uzbekistan takes part in the control and monitoring of providing and development of cyber security according to the procedure established by the legislation.

4. Apply the monthly allowance determined in the subitem "g" of Item 7 of the Presidential decree of the Republic of Uzbekistan of February 19, 2018 No. UP-5349 "About Measures for Further Enhancement of the Information Technology Sphere and Communications" also to the workers responsible for ensuring cyber security of objects of KII.

5. Implement practice of timely informing authorized state body on position assignment and dismissal, the carrying out employee assessment responsible for ensuring cyber security of objects of KII, and also carrying out certification of these workers by authorized state body each three years.

6. The authorized state body when holding control actions for ensuring cyber security of objects of KII on especially important and categorized objects notifies and provides written information on their results within 48 hours in the office of the Security Council in case of the President of the Republic of Uzbekistan.

7. To service of state security of the Republic of Uzbekistan (A. Azizov):

till October 1, 2023 to create the Temporary Unified state register of objects of KII of the Republic of Uzbekistan and to approve Provisional regulations on establishment of the Procedure for classification of objects of KII;

till December 1, 2024 on the basis of studying of the best practices of the foreign states to enter to the office of the Security Council in case of the President of the Republic of Uzbekistan offers on forming of the Permanent Unified state register of objects of KII of the Republic of Uzbekistan and approval of the Permanent Provision on establishment of the Procedure for classification of objects of KII.

8. To impose control of execution of this resolution on the secretary of the Security Council in case of the President of the Republic of Uzbekistan V. V. Makhmudov.

President of the Republic of Uzbekistan Sh. Mirziyoev

 

Appendix No. 1

to the Resolution of the President of the Republic of Uzbekistan of May 31, 2023 No. PP-167

Regulations on procedure for ensuring cyber security of objects of critical information infrastructure of the Republic of Uzbekistan

Chapter 1. General provisions

1. This Provision determines procedure for ensuring cyber security of objects of critical information infrastructure of the Republic of Uzbekistan.

2. In this Provision the following basic concepts are used:

cyberprotection - complex of legal, organizational, financial and economic, technical measures, and also the measures of cryptographic and technical data protection directed to prevention of incidents of cyber security, identification of cyber attacks and protection against them, elimination of effects of cyber attacks, recovery of stability and reliability of activities of telecommunication networks, information systems and resources;

critical information infrastructure - complex of automated control systems, information systems and resources of the networks and engineering procedures having important strategic and social and economic importance;

cyber attack to object of critical information infrastructure - the intentional action posing threat of cyber security by use in cyberspace of equipment rooms, hardware-software and software on objects of critical information infrastructure;

cyber security incident on object of critical information infrastructure - incident, in case of operation of object of critical information infrastructure in cyberspace led to failures in work of information systems and (or) violations of availability, integrity and free use of information;

objects of critical information infrastructure - the systems of informatization applied in the field of public administration and rendering the state services, defense, ensuring state security, law and order, fuel and energy complex (nuclear power) in chemical, petrochemical industries, metallurgy, water use and water supply, agricultural industry, health care, housing-and-municipal servicing, bank financial system, spheres of transport, information and communication technologies, ecology and environmental protection, production and conversion of minerals of strategic importance, the production sphere and other industries of economy and the social sphere;

subjects of critical information infrastructure - state bodies and the organizations, and also the legal entities owning objects of critical information infrastructure on the property rights, leases or on other legal causes including the legal entities and (or) individual entrepreneurs providing operation and interaction of objects of critical information infrastructure;

cyber security (objects) of critical information infrastructure - the security condition providing steady functioning of object of critical information infrastructure and protection against violation which can lead to emergence of incident of cyber security on object of critical information infrastructure.

3. Ensuring cyber security of objects of critical information infrastructure (further - KII) is based on the principles of legality, continuity and complexity of cyberprotection, priority of identification, prevention, rapid response and elimination of effects of cyber attack.

4. The main directions of ensuring cyber security of objects of KII are:

Warning!!!

This is not a full text of document! Document shown in Demo mode!

If you have active License, please Login, or get License for Full Access.

With Full access you can get: full text of document, original text of document in Russian, attachments (if exist) and see History and Statistics of your work.

Get License for Full Access Now

Disclaimer! This text was translated by AI translator and is not a valid juridical document. No warranty. No claim. More info

Effectively work with search system

Database include more 50000 documents. You can find needed documents using search system. For effective work you can mix any on documents parameters: country, documents type, date range, teams or tags.
More about search system

Get help

If you cannot find the required document, or you do not know where to begin, go to Help section.

In this section, we’ve tried to describe in detail the features and capabilities of the system, as well as the most effective techniques for working with the database.

You also may open the section Frequently asked questions. This section provides answers to questions set by users.

Search engine created by SoyuzPravoInform LLC.