Ukrainian President Volodymyr Zelenskyy signed Law No. 4336-IX to strengthen the country’s cybersecurity efforts amidst rising cyberattacks. The law, passed on March 27, aims to protect state networks and critical infrastructure from ongoing cyber threats. It introduces broad reforms in Ukraine’s national cyber strategy, focusing on enhancing the country’s ability to respond to cyberattacks targeting government systems. The law marks a shift toward risk-based management, with a focus on coordinated responses and better information sharing.
A key element of the law is the creation of the National Cyber Incident Response System, which clarifies roles and responsibilities for response teams. The law also introduces a crisis response protocol, enabling the government to activate emergency measures for large-scale cyberattacks. Another significant addition is the Cyber Incident Information Exchange System, aimed at improving incident reporting and management across both public and private sectors. The system follows European Union practices, minimizing duplication and confusion in urgent situations.
The law replaces Ukraine’s outdated Comprehensive Information Protection System (CIPS) with a modern risk management framework. This shift emphasizes continuous security throughout the lifecycle of digital systems, with tailored protection profiles and oversight mechanisms. Additionally, the law includes provisions for regular cybersecurity assessments and audits, ensuring that protection is both effective and adaptable. It also mandates the designation of dedicated cybersecurity officers in government ministries and critical infrastructure sectors to manage policies and compliance.
Ukraine’s new law aligns the country with EU cybersecurity directives and enhances international cooperation. It aims to standardize incident reporting and improve risk management across both public and private sectors. With cyberattacks linked to Russia increasing, Ukraine’s need for strong defenses is urgent. The law is seen as a vital step for long-term digital resilience, with support expected from NATO allies and European agencies to bolster Ukraine’s cybersecurity posture during the war and beyond.
Reference: