Ukraine will have systems to respond to cyberattacks: Rada passes law
27 March 22:31
The Verkhovna Rada adopted a bill on cyber defense of state resources. This is stated on the website of the Verkhovna Rada, informs "Komersant Ukrainian"
Bill No. 11290 provides for the creation of national systems of response to cybersecurity incidents, cyberattacks and cyberthreats.
It is planned to create specialized cyber defense units in government agencies and critical infrastructure facilities.
What does the new cyber defense law provide for?
Law No. 11290 introduces a comprehensive approach to the protection of state information systems and critical infrastructure. Here are the main changes:
- National Cyber Threat Response System
Systems are created to promptly respond to cyberattacks, cyberthreats, and cybersecurity incidents. They will cover information, communications and technology systems where government data or restricted information is processed. - Response Teams
A network of national, sector and regional response teams (CSIRTs) is being developed to the standards of the European NIS 2 directive. Tasks from CERT-UA will be delegated to sectoral and private teams, increasing the effectiveness of the defense. - Crisis communication
Clear roles for response actors during cyber crises are defined to avoid chaos and quickly neutralize threats. - Cyber defense assessment
A cyber defense assessment and security authorization system is introduced. This will replace the outdated procedure for establishing comprehensive information protection systems (CISS), eliminating bureaucratic barriers. - Specialized units
Specialized cyber defense units will be established in government agencies and critical infrastructure facilities with clear requirements for their work and managers. - Training and cyber hygiene
Regular cyber defense training, education and briefings are planned to raise awareness among employees. - Improving priorities
The law clarifies the principles for the development of the national cybersecurity system, adapting it to modern challenges.
Why the law is important for Ukraine
Cyberattacks have become one of the main tools of hybrid warfare against Ukraine. In 2025 alone, the country has faced several large-scale incidents, such as the attack on Ukrzaliznytsya on March 22. The adoption of Law No. 11290 is a response to the growing threats, particularly as state resources and critical infrastructure are the main targets of hackers.
The new law harmonizes Ukrainian legislation with European standards (NIS 2 Directive), which is important for integration with the EU. It also simplifies bureaucracy by replacing the complex system of CSIS with more modern approaches to cyber defense.
How will the new Law affect Ukraine’s cybersecurity?
The adoption of this Law is an important step in strengthening the state’s cyber resilience. The main benefits of the innovations are:
Increasing the level of protection of state information resources;
Creation of an effective mechanism for responding to cyberattacks;
Strengthening cooperation between the public and private sectors in the area of cybersecurity;
Improving Ukraine’s institutional and technical preparedness for possible threats in cyberspace.
