On 29 September 2022, the Parliament of Ukraine registered the Bill No. 8087 "On Amendments to Certain Laws of Ukraine Regarding Urgent Measures to Strengthen Cyber Defence Capacities of State Information Resources and Critical Information Infrastructure Facilities" (the Bill).
The Bill purports to amend a number of laws of Ukraine aimed at strengthening security of state information resources and critical information infrastructures and implementing measures aimed at preventing, detecting and repelling aggression in cyberspace.
Asters' lawyers developed provisions relating to (i) establishment of the national cybersecurity incidents response system, tasks and powers of its members; under the new system private incident response teams will be able to provide incidents management services to operators of critical infrastructures, governmental and local authorities, and collaborate with other members of the system, including on matters of information sharing (ii) development of the national system relating to the exchange of information on cybersecurity incidents (iii) framework for programs like Bug Bounty which should become part of the procedure for search and detection of potential vulnerabilities in information and communication systems.
The Bill also introduces a new system of state control over the technical protection of information including cybersecurity along with the separation of standardization of cryptographic and technical protection of information, cyber protection, and counter-technical intelligence applicable to the specified subjects. In addition, the Bill proposes to create a system of cyber defence units in state authorities, establish an increased rate of salary for their employees, and implement a system of conducting appropriate training for persons responsible for the implementation of cybersecurity measures in the public sector and at critical infrastructure facilities.
Asters' team cooperated with and consulted the representatives of the State Service for Special Communications and Information Protection of Ukraine, the National Coordination Center for Cybersecurity of the National Security and Defence Council of Ukraine, the Security Service of Ukraine and other subjects ensuring cyber security. Asters' Tech & Comms team working on the project included Partner Yuriy Kotliarov, Counsel Sergiy Tsyba and Associate Victoria Kurylina.