Unofficial transfer (c) Soyuzpravoinform LLC

RESOLUTION OF THE CABINET OF MINISTERS OF UKRAINE

of October 8, 2025 No. 1281

About approval of the Procedure for briefings and systematic trainings on cyberhygiene

According to Item "About the basic principles of ensuring cyber security of Ukraine" the Cabinet of Ministers of Ukraine decides 27 parts three of article 8 of the Law of Ukraine:

Approve the Procedure for briefings and systematic trainings on cyberhygiene which is applied.

Approved by the Resolution of the Cabinet of Ministers of Ukraine of October 8, 2025, No. 1281

Procedure for briefings and systematic trainings on cyberhygiene

1. This Procedure determines procedure of briefings and systematic trainings for cyberhygiene for cabinet ministers of Ukraine, People's Deputies of Ukraine, employees of foster services, deputies of local councils, officials of local government bodies, government employees, the military personnel, employees of public authorities, other state bodies, heads and employees of the state companies, organizations and the organizations (further - subjects of public administration).

The purpose of briefings and systematic trainings on cyberhygiene is increase in level of awareness of subjects of public administration and forming in them practical skills of safe use of means of informatization and the Internet for prevention, timely identification and response to cyberincidents, cyber attacks, ensuring personal data protection, and also observance of requirements of the legislation in the field of cyber security and the corresponding standards, security policies and features in the respective sphere or industry.

2. In this Procedure (further - instructing and trainings in cyberhygiene) it is necessary to understand organizational training events which are held for subjects of public administration during the term of their continuance in office as the term "instructing and systematic trainings in cyberhygiene", directed to acquaintance, forming and fixing of knowledge, skills of safe behavior in cyberspace.

Other terms are used in the value given in the Laws of Ukraine "About information", "About personal data protection", "About the basic principles of ensuring cyber security of Ukraine" and the Regulations on organizational and technical model of cyberprotection approved by the resolution of the Cabinet of Ministers of Ukraine of December 29, 2021 No. 1426 (The Official Bulletin of Ukraine, 2022, No. 4, the Art. 219).

3. Content of instructing and trainings is determined by public authority, other state body, local government body, the state company, organization and the organization based on real and potential cyberthreats, the applied requirements in the field of cyber security by cyberhygiene and the corresponding standards, security policies and features in the respective sphere or industry or specifics of tasks and functions of appropriate subject of public administration.

4. Determination of content of instructing and trainings on cyberhygiene, and also their carrying out is performed taking into account methodical recommendations about briefings and trainings on cyberhygiene for assignment to positions of government employees, employees of public authorities and other state bodies, the military personnel, heads and employees of the state companies, organizations and the organizations approved by Administration of Gosspetssvyaz.

5. Instructing and trainings on cyberhygiene are provided:

responsible persons of divisions on cyberprotection (heads on cyberprotection to whom such divisions directly submit) - for cabinet ministers of Ukraine, People's Deputies of Ukraine, employees of foster services, government employees, the military personnel, employees of public authorities and other state bodies, heads and employees of the state companies, organizations and the organizations;

the responsible persons performing functions and the head's tasks on cyberprotection in local government bodies - for representatives of local government bodies.

6. Instructing and trainings on cyberhygiene can be also provided:

the main subjects of national system of cyber security in coordination with public authorities, other state bodies, local government bodies, the state companies, organizations and the organizations;

the subjects of managing, citizens of Ukraine and associations of citizens, other persons performing activities and/or providing the services connected with the electronic communications, information protection and cyberprotection, national electronic information resource, implementation of electronic transactions performing the activities connected with information electronic services on contractual basis or by use of mechanisms of state-private interaction.

7. Briefings and trainings on cyberhygiene for subjects of public administration are performed with such frequency:

after assignment them to positions in public authorities, other state bodies, at the state companies, in organizations and the organizations, acquisitions of powers in local government bodies or powers of the People's Deputy of Ukraine - during one calendar month after date of position assignment or acquisition of powers;

at least once a year during all term of stay on positions in public authorities, other state bodies, at the state companies, in organizations and the organizations or term of office in local government bodies or powers of the People's Deputy of Ukraine;

after approach of considerable cyberincident, cyber attack in public authorities, other state bodies, local government bodies, at the state companies, in organizations and the organizations - during one calendar month;

if necessary according to analysis result of risks.

8. During the special period frequency and procedure for briefings and trainings for the military personnel of Armed Forces is determined by cyberhygiene by the Commander-in-chief of Armed Forces.

9. Control of briefings and trainings on cyberhygiene is assigned to heads of public authorities, other state bodies, local government bodies, state companies, organizations and organizations.

10. Reporting information on briefings and trainings on cyberhygiene is stored in public authority, other state body, local government body, at the state company, in organization and the organization and is checked Gosspetssvyaz when implementing assessment of condition of cyberprotection information, electronic communication and information communications systems in which the state information resources or the office information and information which is the state secret, objects of critical information infrastructure or during actions of the state control of observance of requirements of the legislation in the field of cyberprotection according to Item of 1 part two of article 8 of the Law of Ukraine "About the basic principles of ensuring cyber security of Ukraine" are processed.

Disclaimer! This text was translated by AI translator and is not a valid juridical document. No warranty. No claim. More info