Cybersecurity Strategy of Ukraine

August 2021

SECURE CYBERSPACE IS THE KEY TO SUCCESSFUL DEVELOPMENT OF THE COUNTRY
*(This is not an official translation)

1. Cyber security: global context

Ensuring cyber security is one of the priorities in the national security system of Ukraine. The implementation of the specified priority will be carried out by strengthening the capabilities of the national cyber security system to counter cyber threats in the modern security environment.

The 21st century is marked by the active formation of the sixth technological order and the risks that civilization faces as a result of the introduction of the latest technologies.

The specific weight of cyber threats is increasing and this trend will intensify in the next decade as information technologies develop and converge with artificial intelligence technologies. The growth of such influence on the functioning of both national and transnational management structures creates a new security situation. The spheres of influence in cyberspace are being divided between the world’s power centers, and their desire to ensure the realization of their own geopolitical interests is increasing due to such a division.

Cyberspace, along with other physical spaces, is recognized as one of the possible theaters of war. The tendency to create cyber armies is gaining strength, the tasks of which include not only ensuring the protection of critical information infrastructure from cyber attacks, but also conducting preventive offensive operations in cyberspace, which includes disabling critical infrastructure objects of the enemy by destroying information systems that control such objects.

The Russian Federation remains one of the main sources of threats to national and international cyber security and actively implements the concept of information warfare, based on a combination of destructive actions in cyberspace and informational and psychological operations, the mechanisms of which are actively used in the hybrid war against Ukraine. Such destructive activity creates a real threat of committing acts of cyber terrorism and cyber sabotage against the national information infrastructure.

An increase in the intensity of interstate confrontation and intelligence-subversive activities in cyberspace is predicted. The circle of states that are trying to form their own cyber intelligence, master modern technologies of intelligence and subversive activities in cyberspace, and strengthen state control over national segments of the Internet is expanding. At the same time, the toolkit is spreading, which involves the accumulation of large amounts of information about human behavior, social groups and the use of modern achievements in the field of artificial intelligence. The tendency to carry out reconnaissance and subversive activities in cyberspace through the involvement of the special services of certain states, primarily the Russian Federation, and international hacker groups to implement cyber influence is increasing.

The technical level of implementing cyber threats is increasing, new tools and mechanisms of cyber attacks are constantly being improved and developed. The tendency to use cyberattacks as a tool for special information operations, manipulation of public opinion, and influence on election processes is increasing.

The use of cyberspace by terrorist organizations is gaining a global scale. The priority targets of cyber-terrorism remain the objects of nuclear energy, electricity and water supply, the spheres of electronic communications, the financial and banking spheres, air and railway transport, warehouses of strategic types of raw materials, chemical and biological objects, etc.

The transition to 5G networks, the functioning of which fundamentally depends on the correct operation of the software, brings with it new challenges: due to the novelty of the technology, that software may have new, unforeseen threats.

The COVID-19 pandemic will have a long-term impact on the world order, strengthening the role of electronic communications in everyday communication and work, which increases the degree of vulnerability of information processing processes, in particular, personal data. This requires ensuring the appropriate level of their security and forces the state and business to implement additional mechanisms and measures for the proper functioning and protection of all information resources and systems necessary for life.

The spread of cyber threats to all spheres of life and the improvement of tools for their implementation necessitates a change in the strategy and tactics of combating them. The fastest possible detection of vulnerabilities and cyber attacks, response and dissemination of information about them to minimize possible damage is gaining importance.

The rapidly changing digital world requires the formation of a more balanced and effective national cyber security system that can flexibly adapt to changes in the security environment, guaranteeing the safe functioning of the national segment of cyberspace to the citizens of Ukraine, foreseeing new opportunities for digitalization of all spheres of public life.

Ukraine must be able to ensure its socio-economic development in the digital world, which requires the acquisition of the ability to effectively deter destructive actions in cyberspace, the achievement of cyber resilience at all levels, and the cooperation of all actors in ensuring cyber security, which is based on trust.

In such a situation, it is urgent to approve the new Cybersecurity Strategy of Ukraine, which defines the priorities of national interests in the field of cyber security, existing and potentially possible cyber threats, the goals and objectives of ensuring the cyber security of Ukraine in order to create conditions for the safe functioning of cyberspace, its use in the interests of the individual, society and the state.

The strategy is based on the provisions of the Constitution of Ukraine, the laws of Ukraine “On the National Security of Ukraine” and “On the Basic Principles of Ensuring Cyber Security of Ukraine”, the Convention on the Protection of Human Rights and Fundamental Freedoms, the Convention on Cybercrime, the National Security Strategy of Ukraine, approved by the Decree of the President of Ukraine No. 392 of September 14, 2020, the Concept of Combating Terrorism in Ukraine, approved by the Decree of the President of Ukraine No. 53 of March 5, 2019, and other normative legal acts.

2. The state of implementation of the Cybersecurity Strategy of Ukraine, approved by the Decree of the President of Ukraine dated March 15, 2016 No. 96

The approval of the Cybersecurity Strategy of Ukraine in 2016 was an important step in the introduction of long-term planning approaches in this area.

During the years of implementation of the Cyber Security Strategy of Ukraine, approved by the Decree of the President of Ukraine No. 96 dated March 15, 2016, efforts were made to establish and develop the national cyber security system. An important stage of its institutionalization was the adoption of the Law of Ukraine “On the Basic Principles of Ensuring Cyber Security of Ukraine”, which defined the legal and organizational foundations for the protection of the vital interests of man and citizen, society and the state, national interests of Ukraine in cyberspace, the main goals, directions and principles of state policy in the field of cyber security, the powers of state bodies, enterprises, institutions, organizations, individuals and citizens in this area, the main principles of coordinating their activities to ensure cyber security.

Regulatory support for cyber protection of critical information infrastructure objects has been improved, the procedure for its definition and general requirements for its cyber protection have been adopted.

Centers (units) for ensuring cyber security or cyber protection have been established in the State Service of Special Communications and Information Protection of Ukraine, the Security Service of Ukraine, the National Bank of Ukraine, the Ministry of Infrastructure of Ukraine, the Ministry of Defense of Ukraine, and the Armed Forces of Ukraine.

The National Telecommunication Network is being developed, the National Center for Reserving State Information Resources is being formed, the system for detecting vulnerabilities and responding to cyber incidents and cyber attacks is functioning, and the government response team for computer emergency events of Ukraine CERT-UA is operating.

In order to improve the coordination of the activities of the subjects of the security and defense sector, which provide cyber security, a working body of the National Security and Defense Council of Ukraine, the National Coordination Center for Cyber Security, was formed, whose decisions contribute to solving the most complex problems in this area.

Cooperation in the field of cyber security with foreign partners is actively developing (the United States of America, the United Kingdom of Great Britain and Northern Ireland, the Federal Republic of Germany, the Kingdom of the Netherlands, Japan, etc.), cooperation with the EU and NATO is deepening, and cyber training is being conducted with the participation of other states and international organizations.

The annual Cyber Security Month event has been launched.

At the same time, the activities of the subjects of the national cyber security system remain insufficiently coordinated and are aimed at performing only current tasks. According to the results of expert evaluations, the state of implementation of the Cybersecurity Strategy of Ukraine, approved by the Decree of the President of Ukraine No. 96 of March 15, 2016, does not exceed 40 percent according to the specified indicators. Issues of prompt exchange of information about cyber threats, an effective personnel training system, and an effective public-private partnership model remained unresolved. The organization and conduct of scientific research in the field of cyber security are insufficient.

The experience gained made it possible to single out a number of systemic problems.

One of the identified problems was the lack of clarity of the identified priorities and directions for ensuring Ukraine’s cyber security, a large part of which did not have a clear final goal and were not specific. The level of planning measures for the implementation of the Cybersecurity Strategy of Ukraine, approved by the Decree of the President of Ukraine No. 96 dated March 15, 2016, was unsatisfactory; the planned measures were not always correlated with the tasks defined by it. The implementation of the mentioned Strategy was complicated by the lack of a holistic vision (program) for the development of the capabilities of the main subjects of the national cyber security system, the limitation of resource support for the functioning of this system, and the lack of proper state support for the development of its institutional support.

Indicators of the implementation of the Cybersecurity Strategy of Ukraine, approved by the Decree of the President of Ukraine No. 96 dated March 15, 2016, were not developed, which complicated the process of evaluating its effectiveness and identifying unfinished tasks. Subjects of the security and defense sector mainly took part in the implementation of the mentioned Strategy; other state bodies, scientific institutions, and the public were not sufficiently involved. Educational institutions and scientific institutions were not sufficiently involved in the implementation of tasks related to the development of scientific potential and the spread of cyber literacy.

Tasks of the Cybersecurity Strategy of Ukraine, approved by the Decree of the President of Ukraine No. 96 of March 15, 2016, that are extremely important for the development of the national cyber security system have not been fulfilled, in particular: the list of critical information infrastructure objects has not been created, and the public-private partnership model has not been created. The development of digital literacy was carried out without a clear program, and e-learning was carried out sporadically.

The new Cyber Security Strategy of Ukraine takes into account previous experience and problems, the state of the cyber security environment at the national and international level, as well as the provisions of the EU Cyber Security Strategy for the Digital Decade, cyber security strategies of individual EU member states and NATO member states.

3. National cyberspace: challenges and cyber threats

Challenges for Ukraine in the field of cyber security are:

active use of cyber means in international competition;

the competitive nature of the development of cyber security tools in the conditions of rapid progressive changes in information and communication technologies, in particular cloud and quantum computing, 5G networks, big data, the Internet of Things, artificial intelligence, etc.;

the militarization of cyberspace and the development of cyberweapons, which makes it possible to covertly conduct cyberattacks to support hostilities and intelligence-subversive activities in cyberspace;

the impact of the COVID-19 pandemic on economic activity and social behavior, which caused a rapid transformation and organization of a significant segment of social relations in remote mode with the wide use of electronic services and information and communication systems;

introduction of new technologies, digital services and mechanisms of electronic interaction between citizens and the state, which is carried out unsystematically in terms of cyber security measures and without proper risk assessment.

Threats to cyber security of Ukraine are:

hybrid aggression of the Russian Federation against Ukraine in cyberspace. The aggressor state is constantly expanding its arsenal of offensive cyber weapons, the use of which can cause irreparable, irreversible destructive consequences. Cyberattacks of the Russian Federation are aimed, first of all, at the information and communication systems of state bodies of Ukraine and objects of critical information infrastructure with the aim of disabling them (cyber sabotage), obtaining covert access and control, carrying out intelligence and intelligence-subversive activities. Cyber attacks are also actively used by the aggressor state as an element of special information operations with the aim of manipulative influence on the population, interference in election processes and discrediting Ukrainian statehood;

cybercrime, which damages information resources, social processes, and individual citizens, reduces public trust in information technologies and leads to significant material losses. The use of cyberspace to commit crimes against the foundations of national security of Ukraine, as well as criminal offenses related to the legalization of proceeds of crime, human trafficking, illegal handling of weapons, ammunition or explosives, illegal circulation of narcotic drugs, psychotropic substances, their analogues or precursors and other objects and substances that threaten the life and health of people, etc., is becoming more widespread;

organized and sponsored by the governments of other states, cyberattacks related to the theft of sensitive information for political, economic or military purposes (cyberespionage) and the implementation of intelligence and subversive activities. Features of such cyber attacks are their duration, complexity and hidden nature, which makes it difficult to prevent, detect and neutralize them;

use of cyberspace by terrorist organizations to commit acts of cyberterrorism, financial and other support for terrorist activities.

Taking into account the challenges and threats that Ukraine faces in cyberspace, the role of cyber security in the processes of digital transformation of the state is growing critically.

Prerequisites and factors that form the outlined threats:

Ukraine’s high technological dependence on foreign manufacturers of information and communication technology products, the lack of a system for assessing the compliance of such products with security requirements, which increases the degree of vulnerability of the information infrastructure from undeclared functions and narrows the ability to counter cyber threats;

the imperfection of the regulatory and legal framework in the field of cyber security, as well as its obsolescence in the field of information protection, slow implementation of the provisions of European legislation, insufficient regulation of the digital component of the investigation of criminal offenses, as well as a low level of legal responsibility for violating the requirements of legislation in this area;

lack of relevant structural subdivisions, necessary staffing and proper monitoring of cyber protection in a significant part of state bodies, financing of cyber protection works on a residual basis;

lack of a system of independent audit of information security and mechanisms for disclosure of information about vulnerabilities in the conditions of dynamic digitalization of all spheres of public administration and life activities of the state;

non-compliance with modern requirements of the level of training and advanced training of specialists in cyber security and cyber protection, in particular ineffective mechanisms of their stimulation to work in the public sector;

the absence of a legislative act on the critical infrastructure of Ukraine and its protection, which significantly complicates the formation of a cyber protection system for such infrastructure;

the incompleteness of measures to implement an organizational and technical model of cyber protection that will meet modern threats, challenges in cyberspace and global trends in the development of the cyber security industry;

lack of a system for improving digital literacy of citizens and a culture of safe behavior in cyberspace, low level of public awareness of cyber threats and cyber protection;

lack of an effective system of information and analytical support for cyber security;

insufficient protection against cyberattacks of state information resources and objects of critical information infrastructure;

non-compliance with the requirements of the legislation on the state of protection of information and communication systems of state bodies and economic entities, in which a significant part of information with limited access is processed.

4. National cybersecurity system: principles of development

Ukraine strives to create the most open, free, stable and safe cyberspace in the interests of ensuring human rights and freedoms, social, political and economic development of the state.

For the further development of the national cyber security system on the basis of deterrence, cyber resistance, and cooperation, the following is necessary:

strengthening the capacity of the national cyber security system to prevent armed aggression against Ukraine in cyberspace or with its use, to neutralize intelligence and subversive activities, to minimize the threats of cybercrime and cyberterrorism (deterrence);

acquiring the ability to quickly adapt to internal and external threats in cyberspace, support and restore the sustainable functioning of the national information infrastructure, primarily objects of critical information infrastructure (cyber resilience);

ensuring the development of communication, coordination and partnership between subjects of cyber security at the national level, the development of strategic relations in the field of cyber security with key foreign partners, primarily with the European Union, the United States of America and other NATO member states, cooperation in this area with other states and international organizations based on the national interests of Ukraine (interaction).

Ukraine, in addition to the main subjects of the national cyber security system, will involve a wider range of participants, including business entities, public associations and individual citizens of Ukraine, in solving tasks in this area.

The National Cyber Security Coordination Center will play a key unifying and coordinating role in this process.

Ukraine will develop a national cyber security system based on:

comprehensive understanding and constant analysis of global trends in the cyber security environment, unwavering protection of Ukraine’s national interests in the field of cyber security;

the permanence of measures to review and clarify the powers and responsibilities of state cyber security entities, to improve legislation in the field of cyber security, and to act quickly to update it in accordance with changing security conditions;

priorities of economic and social development of society;

balanced provision of the needs of the state and the rights of citizens, compliance with the law, respect for fundamental values, human and citizen rights;

clearly defining the roles and mechanisms of interaction when solving cyber security tasks, stimulating the exchange of information, knowledge and experience;

a risk-oriented approach to ensuring cyber security;

cooperation and inclusive dialogue of all subjects of cyber security, strengthening of trust, in particular within the framework of public-private partnership;

implementation of modern principles, methods, approaches and mechanisms of public management in the field of cyber security;

balanced distribution of available material, financial and other resources;

a proactive approach to neutralizing cyber threats;

ensuring democratic civil control over the functioning of the national cyber security system.

5. Priorities of ensuring cybersecurity of Ukraine and strategic goals

The priorities of ensuring cyber security of Ukraine are:

ensuring cyberspace for the protection of state sovereignty and the development of society;

protection of the rights, freedoms and legitimate interests of Ukrainian citizens in cyberspace;

European and Euro-Atlantic integration in the field of cyber security.

The formation of a new quality of the national cyber security system requires a clear and understandable definition of strategic goals that must be achieved during the period of implementation of this Strategy.

For the formation of deterrence potential (C), it is necessary to achieve the following strategic goals:

goal C.1. Effective cyber defense – Ukraine will create and ensure the development (including personnel and technological) of units with the authority to conduct armed conflict in cyberspace, will form an appropriate legal, organizational, and technological model of their functioning and application, will ensure effective interaction of the main subjects of the national cyber security system and forces of defense during cyber defense activities, proper training and financial support of such structures, systematic cyber training, evaluation of the capabilities and effectiveness of units, development and implementation of indicators for evaluating their activities;

goal C.2. Effective countering intelligence and subversive activities in cyberspace and cyber terrorism – Ukraine will ensure the continuous implementation of counterintelligence measures to detect, prevent and stop intelligence and subversive activities of foreign states, acts of cyber espionage and cyber terrorism, eliminate the conditions that contribute to them and the causes of their occurrence to ensure the interests of the state, society and individual citizens;

goal C.3. Effective countermeasures against cybercrime – Ukraine will ensure that law enforcement agencies and special state bodies with law enforcement functions acquire capabilities to minimize threats of cybercrime, strengthen their technological and human resources to carry out preventive measures and investigate cybercrimes;

goal C.4. Development of asymmetric deterrence tools – Ukraine will create the necessary conditions to ensure the deterrence of aggressive actions in cyberspace against Ukraine through the use of economic, diplomatic, intelligence measures, as well as the involvement of the potential of the private sector.

In order to acquire cyber resilience (K), it is necessary to achieve the following strategic goals:

goal K.1. National cyber readiness and reliable cyber defense – Ukraine will introduce and implement clear and understandable measures for national cyber readiness for all interested parties in the interests of ensuring economic well-being and protecting the rights and freedoms of every citizen of Ukraine. Ukraine will strengthen cyber readiness, which will consist in the ability of all interested parties, primarily subjects of the security and defense sector, to respond in a timely and effective manner to cyber attacks, to ensure a regime of constant readiness for real and potential cyber threats, to identify and eliminate prerequisites for their occurrence, thereby ensuring cyber resilience, primarily of objects of critical information infrastructure. Ukraine will create a national incident management system;

goal K.2. Professional improvement, a cyber-aware society and scientific and technical support of cyber security – Ukraine will carry out a radical reform of the system of training and advanced training of specialists in the field of cyber security, as well as implement measures to preserve the existing qualified personnel potential of cyber security subjects, stimulate research and development in the field of cyber security, taking into account emergence of new cyber threats and challenges, creation of national information systems, platforms and products. The domestic scientific and technical potential will primarily be involved in solving the tasks of ensuring the cyber security of the state. Digital skills, cyber awareness of modern cyber threats and their countermeasures will become integral elements of the education of every citizen of Ukraine;

goal K.3. Secure digital services – Ukraine will ensure the achievement of a balance between the needs of society, the domestic market, the state’s economy and the necessary cyber security measures, as well as the reliability and security of digital services throughout their entire life cycle.

To improve interaction (B), it is necessary to achieve the following strategic goals:

goal B.1. Strengthening the coordination system – Ukraine will create conditions for the effective interaction of cyber security entities in the process of building and functioning of the national cyber security system, as well as for effective joint actions during the prevention, repulsion and neutralization of the consequences of cyber attacks and cyber incidents, will coordinate the activities of all interested parties in order to overcome emergency (crisis) situations in cyberspace;

goal B.2. Formation of a new model of relations in the field of cyber security – Ukraine will introduce a service model of state participation in cyber security measures, under which the state will be perceived not as a source of requirements, but as a partner in the development of the national cyber security system;

goal B.3. Pragmatic international cooperation – Ukraine will direct relations with international partners both to the development of mutual trust for a joint response to cyber attacks and overcoming crisis situations in cyber security, and to purely practical cooperation: exchange of information about cyber attacks and cyber incidents, joint cyber operations and investigation of international cyber crimes, regular e-learning and trainings, exchange of experience and best practices. Ukraine will ensure active participation in the dialogue within the framework of international organizations regarding the joint development of norms of behavior in cyberspace and improvement of the relevant regulatory and legal framework. Ensuring coordination with international partners will be carried out by the Ministry of Foreign Affairs of Ukraine.

6. Strategic tasks

The development of the national cyber security system on the basis of deterrence, cyber resistance and cooperation should be carried out by the implementation of strategic tasks aimed at achieving defined goals.

To achieve goal C.1, Ukraine will form a system of effective cyber defense by:

formation of cyber troops in the system of the Ministry of Defense of Ukraine and providing them with the appropriate financial, personnel and technical resources to deter armed aggression in cyberspace and repulse the aggressor;

introduction of effective mechanisms of interaction between the main subjects of the national cyber security system and the defense forces in terms of joint performance of cyber defense tasks;

development and implementation of a cyber defense plan as a component of Ukraine’s defense plan;

holding at least twice a year joint thematic exercises with relevant divisions of NATO member states in order to achieve operational interoperability;

creation of MIL.CERT-UA in the interests of the Ministry of Defense of Ukraine and the Armed Forces of Ukraine, establishing cooperation with the European military CERT network on a permanent basis;

providing an assessment of the capabilities of security and defense sector entities in terms of joint performance of cyber defense tasks, in particular during defense reviews, reviews of the national cyber security system, reviews of the state of cyber protection of state information resources and critical information infrastructure;

introduction into the system of military-patriotic education and the system of territorial defense of training programs and conducting practical training in the field of cyber security.

To achieve goal C.2, Ukraine will provide effective countermeasures against intelligence and subversive activities in cyberspace and cyberterrorism by:

creation, in accordance with the approved conceptual principles, of a nationwide system for detecting cyberattacks, countering acts of cyberterrorism and cyberespionage in relation to objects of critical information infrastructure;

improvement of analytical and forensic support of counter-intelligence protection of the state’s cyber security due to the introduction of innovative methods of processing and evaluation of digital data, formation of electronic evidence;

strengthening of capabilities in conducting covert inspections of the state of readiness of critical infrastructure objects for possible cyber attacks and cyber incidents, gradually covering all such objects with such measures;

strengthening counter-intelligence protection of the electronic communications sphere, the IT sphere, and the environment affiliated with them, aimed at detecting, preventing and stopping intelligence-subversive encroachments of foreign special services on the national security of Ukraine in the field of cyber security;

creation of technological capabilities for automatic detection of cyber attacks in real time in the data streams of state-wide information and communication systems and on individual objects of critical infrastructure, their blocking and prioritization;

improvement of regulatory, organizational and personnel support of the national system of combating terrorism in the part related to the involvement of law enforcement agencies in the implementation of measures to prevent, detect and stop acts of cyber-terrorism.

To achieve goal C.3, Ukraine will strengthen its capabilities in combating cybercrime by:

completion of the implementation of the provisions of the Convention on Cybercrime into the legislation of Ukraine;

regulation of the issue of electronic evidence at the legislative level, using the best practices on these issues of the United States of America, EU member states and taking into account modern challenges and trends in the field of cyber security;

development of conceptual approaches to the implementation of state policy in the sphere of ensuring the rights of citizens in cyberspace (especially the most vulnerable groups of the population, primarily children);

introduction of the practice of conducting a nationwide information and clarification campaign regarding the actions of citizens in the event that they encounter cyber fraud and other cybercrimes, as well as clarification of the procedures for applying to law enforcement agencies;

development of a methodology for collecting cyber statistics and annual publication of statistical information on cyber attacks, cyber incidents and countermeasures by areas of responsibility of the main subjects of the national cyber security system on their official websites;

development of a methodology for conducting annual sociological studies on cyber threats faced by the population of Ukraine, with evaluations of the effectiveness of state bodies in countering them and ensuring the conduct of such studies;

development of a communication technique between the state and society to counteract large-scale cyber attacks and cyber incidents, creating the necessary conditions for its practical implementation;

introduction of mechanisms for the identification of e-commerce entities in cyberspace, ensuring the introduction of appropriate changes to the legislation of Ukraine;

regulation at the legislative level of the legal status of cryptocurrencies;

conducting joint activities with the EU aimed at increasing resilience in cyberspace and the ability to investigate, prosecute cybercrime and respond to cyber threats;

ensuring the improvement of the qualification level, material and technical support of forensic experts in the areas of research of computer technology and software products, communication systems and means;

ensuring an increase in the level of knowledge of employees of operational divisions, employees of pre-trial investigation bodies, prosecutors’ offices, judges in the field of information technologies and cyber security, primarily in the areas of collecting and researching electronic evidence;

involvement of private experts in conducting computer-technical and telecommunications research and expertise, software research, which are necessary for rapid response to cyber incidents and effective investigation of cybercrimes.

To achieve goal C.4, Ukraine will implement asymmetric deterrence tools by:

improvement of the cyber security intelligence system in terms of creation, development of forces, means and tools for prevention of threats to national security in cyberspace;

strengthening of measures to ensure cyber security of information infrastructure and cyber protection of information resources of foreign diplomatic institutions of Ukraine and state-owned objects of Ukraine abroad;

creation of technological capabilities for providers of electronic communication networks and/or services to connect technical means for the implementation of operative-search, counter-intelligence and reconnaissance measures;

introduction of an approach harmonized with the Euro-Atlantic community to the application of sanctions in response to subversive activities in cyberspace, development and coordination with foreign partners of a mechanism for joint diplomatic and economic actions and measures, in particular, the introduction of restrictive measures in the form of economic sanctions, in response to destructive cyber activity;

using all available tools of diplomacy and international law to counter malicious activity in cyberspace against Ukraine;

establishing a systematic exchange of information on destructive activities in cyberspace with international partners, primarily the United States of America, EU member states and NATO member states, creating a platform for such exchange;

settlement at the legislative level of the issue of comprehensive involvement of the private sector and civil society in the implementation of measures to curb destructive activities in cyberspace;

development of effective mechanisms for the involvement of private sector cyber security specialists in deterring and countering aggression against Ukraine in cyberspace.

To achieve the goal of K.1, Ukraine, in cooperation with private sector entities, the academic community and the public, will ensure the strengthening of national cyber readiness and cyber defense by:

development of the National Plan for responding to emergency (crisis) situations in cyberspace, which will determine the mechanisms for responding to cyberattacks of a national scale regarding critical information infrastructure objects and measures for further recovery;

creation of a national incident management system, development and implementation of standard operating procedures for responding to various types of events in cyberspace with the definition of criteria for assessing the criticality of events and prioritizing response depending on the determined level of criticality;

ensuring constant monitoring of national electronic communication networks and information resources, analysis of intrusions on these networks and resources, as well as real-time detection of anomalies in their functioning;

introduction of planning of expenditures on cyber security under separate budget programs;

development of basic (minimum mandatory level will be determined) requirements and recommendations for ensuring cyber security for the public and private sectors, taking into account the best global practices;

establishing, on the basis of mutual trust, the systematic exchange of information about cyber attacks, cyber incidents and indicators of cyber threats between all subjects of cyber security, primarily on the basis of the technological platform of the National Cyber Security Coordination Center, and the unification of information exchange formats;

implementation of a risk-oriented approach in terms of measures to ensure the cyber security of critical infrastructure objects and state bodies, in particular, the development of methods for the identification and assessment of cyber risks at the national level and for sectors of the state’s critical infrastructure, regulation at the legislative level of the obligation to carry out periodic risk assessment based on developed methods;

implementation of a certification system for products used for the functioning and cyber protection of information and communication systems, primarily objects of critical information infrastructure;

ensuring the development of the organizational and technical model of cyber protection;

completion of the processes of identifying critical infrastructure objects and critical information infrastructure objects, creating and ensuring the functioning of the state register of critical information infrastructure objects, constantly reviewing and updating requirements for their cyber protection, taking into account modern international standards on cyber security issues;

introduction on a permanent basis of assessing the state of security of objects of critical information infrastructure and state information resources for vulnerability, establishing the obligation and periodicity of conducting such an assessment taking into account the categories of criticality of objects, stimulating the participation of private sector cyber security specialists in these measures;

implementation of an information security audit system, primarily at critical infrastructure facilities, determination of mechanisms and basic methods of conducting audits, establishment of requirements for information security auditors, their certification, attestation (re-attestation), training and advanced training, as well as for the obligation and periodicity of conducting audits, providing generalized information about the results of audits to the National Cyber Security Coordination Center;

ensuring the development of systems of technical and cryptographic protection of information, prioritizing the use of means of technical and cryptographic protection of information of domestic production for cyber protection of state information resources and objects of critical information infrastructure;

implementation of domestic decisions on information protection;

conducting command and staff cyber training of a strategic level, as well as thematic cyber training and training with the participation of representatives of the public and private sectors;

ensuring the development of a network of response centers for cyber attacks and cyber incidents;

completion of the deployment of the National Telecommunications Network, increase in its bandwidth, provision during its operation of exclusively domestic means of cryptographic protection of information;

ensuring the functioning and development of the National Center for Reservation of State Information Resources, modernization of the system of protected access of state bodies to the Internet;

creation of a national domain name service (DNS).

To achieve the goal of K.2 in Ukraine, scientific research in the field of cyber security will be carried out, the system of training and advanced training of personnel will be reformed, and educational programs, courses, trainings on cyber education will be launched for all segments of the population through:

ensuring the coordination of the scientific community during the conduct of scientific research and development in the field of cyber security and its involvement in measures to implement state policy in the field of cyber security;

determination of long-term directions of research and development in the field of cyber security, as well as the development of an effective program of state support (based on a project approach) of scientific institutions and organizations strategically important for the cyber security of the state, conducting scientific research in this field for the needs of national security and defense;

ensuring the stimulation of research and development in the field of cyber security, taking into account the development of the latest information and communication technologies, in particular, cloud and quantum computing technologies, 5G networks, the Internet of Things, artificial intelligence, as well as the emergence of new means of implementing cyber threats in order to create domestic systems, platforms and products in the field of cyber security;

improvement of the system of training and advanced training of specialists in the field of cyber security;

development of the National Cyber Literacy Program, aimed at increasing the level of digital literacy of the population of Ukraine, in particular, by including issues related to digital skills, cyber awareness of modern cyber threats and their countermeasures in general secondary, professional (vocational-technical), professional pre-higher and higher education programs;

creation of centers that will generalize and exchange experience in the field of cyber security, support innovations and domestic developments in this field;

provision of material incentives for specialists in the field of cyber security who are in the military, public service, including public service of a special nature, service in law enforcement agencies or work under an employment contract in the public sector and directly perform the functions of ensuring cyber security and cyber protection, taking into account the levels of remuneration of such specialists in the private sector;

involvement of subjects of the national cyber security system in international programs of training and professional development of personnel.

To achieve the goal of K.3, Ukraine will focus its efforts on ensuring the reliability and security of digital services by:

strengthening the trust of the private sector and citizens in digital services provided by the state, unconditional fulfillment of requirements for ensuring cyber security and cyber protection during their provision and informing the public about their safety and reliability;

introduction of digital services for the population and development of the national information infrastructure;

development of national standards in the field of cyber security, organizational and technical requirements related to the security of applications, mobile devices, workstations, servers and networks, cloud computing models, taking into account European and international standards;

creation of bodies for assessing the compliance of providers of electronic trust services with the requirements for qualified providers of qualified electronic trust services;

creation of the necessary prerequisites (normative, organizational, technological) for authentication of users of digital services (where necessary) using an integrated electronic identification system using electronic identification technologies and/or electronic trust services;

increasing the effectiveness of the personal data protection system of citizens by harmonizing the legislation of Ukraine with the relevant EU legislation and strengthening responsibility for violations of established requirements.

To achieve goal B.1, the National Cyber Security Coordination Center will ensure the coordinated activities of all interested parties in the process of building and functioning of the national cyber security system by:

development and approval of the procedure for conducting a review of the national cyber security system, ensuring that it is conducted at least once a year during the implementation of the Strategy;

introduction of mandatory immediate, without undue delay, provision of information on cyber threats, cyber attacks and cyber incidents by all departmental and branch (sectoral) cyber security (cyber protection) centers to the National Cyber Security Coordination Center;

ensuring consideration of the most important issues in the field of cyber security of Ukraine at the meetings of the National Cyber Security Coordination Center, systematic control over the state of implementation of its decisions;

introduction of coordinated identification and disclosure of vulnerabilities of information and communication systems;

development and introduction of mechanisms to encourage the private sector, the scientific community, public organizations and individual citizens to participate in the formation and implementation of measures to ensure cyber security;

ensuring the annual publication by the main subjects of the national cyber security system of public reports on the state of cyber security by areas of responsibility.

To achieve goal B.2, Ukraine, in cooperation with the private sector, will form an effective model of relations in the field of cyber security, based on trust, by:

regulation at the legislative level of the issue of public-private partnership in the field of cyber security, determining the forms and methods of implementing such a partnership, strengthening mutual trust and providing for the possibility of introducing experimental projects in this area;

introduction of conducting consultations of interested parties on a regular basis and providing methodical assistance on the formation of cyber protection units, industry (sectoral) centers for ensuring cyber security and response teams to cyber incidents, all-round support for their development;

involvement on a regular basis of representatives of scientific institutions, public organizations and independent experts in the field of cyber security in the development of draft regulations, regulatory documents and standards in this field;

increasing the effectiveness of public involvement in decision-making in the field of cyber security by conducting relevant surveys (questionnaires) and posting their results on the information resources of the National Cyber Security Coordination Center and the main subjects of the national cyber security system;

stimulating the development of domestic software products, in particular open source software, which will be used as a priority for processing and protecting state information resources, as well as on critical information infrastructure facilities;

implementation of the program for the development of the market of goods and services in the field of cyber security, which will include stimulation of its development and international recognition;

continuation of the practice of the annual cyber security month in Ukraine with the involvement of a wide range of specialized specialists and experts from state bodies, educational institutions and scientific institutions, as well as public associations and the private sector;

introduction of a system of insurance against cyber risks, in particular, a mechanism for assessing the losses of business entities as a result of cyber attacks for the possibility of their compensation;

development of financial and non-financial mechanisms to promote the implementation of modern cyber security technologies in the public and private sector, including insurance, leasing, benefits, etc.

To achieve goal B.3, Ukraine will develop international cooperation in the field of cyber security, aimed primarily at ensuring independence and state sovereignty, restoration of territorial integrity of Ukraine, by:

ensuring Ukraine’s participation in international UN events to encourage responsible behavior of states in cyberspace;

ensuring Ukraine’s participation in finalizing the Second Additional Protocol to the Convention on Cybercrime regarding the development of measures and guarantees to improve international cooperation between law enforcement and judicial authorities, as well as between authorities and service providers in other states;

expanding, through dialogue with international partners, the access of law enforcement agencies of Ukraine to the resources of the European Center for Combating Cybercrime, to the Interpol I-24/7 telecommunications system;

continued cooperation with the Agency of the European Union on issues of network and information security, in particular on issues of coordinated disclosure of vulnerabilities and implementation of the Directive of the European Parliament and of the Council (EU) 2016/1148 of July 6, 2016 on measures for a high common level of security of network and information systems in the territory of the Union as an element of the European integration of Ukraine;

deepening cooperation with the International Telecommunication Union in the spheres of cyber security and electronic communications, in particular on issues of standardization in these spheres;

deepening cooperation with international organizations in the field of protecting children from online sexual violence;

development of international cooperation in the field of cyber security by supporting international initiatives in this field that correspond to the national interests of Ukraine;

continuation of the practice of conducting bilateral cyber dialogues with partner states with the aim of exchanging advanced experience in the field of cyber security, information about cyber threats, developing communication between interested state bodies of Ukraine and foreign states, expanding the range of partner states with which cyber dialogues are held, initiating the issue of concluding bilateral agreements on cooperation in the field of cyber security;

creation of a permanent working group on issues of interaction with leading IT companies, global providers of digital services, social networks with the aim of countering hybrid threats, the spread of disinformation, the possibility of applying sanctions in accordance with the laws of Ukraine;

determination and approval of the list of priority directions for attracting international technical assistance in the field of cyber security of Ukraine.

7. Directions of foreign policy activity of Ukraine in the field of cyber security

In the field of cyber security, Ukraine will ensure the deepening of European integration processes by unifying approaches, methods and means of ensuring cyber security with established EU and NATO practices, taking other measures agreed with key foreign partners aimed at strengthening Ukraine’s cyber resilience, developing the capabilities of the national cyber security system and protecting national interests in cyberspace.

Ukraine will pay special attention to countering international terrorism jointly with its partners, detecting, preventing and stopping crimes against the peace and security of humanity and other illegal actions that violate the international legal order and the interests of the democratic world community. It will develop, on a contractual basis with partner special services of EU member states and NATO member states, the mutually beneficial exchange of information and experience on ensuring national security in cyberspace, will use the best global practices, and will actively carry out other joint activities that will contribute to the strengthening of the scientific, material and technical base and personnel potential in the field of cyber security.

Ukraine will cooperate with international partners, organizations and other interested parties who share our common vision of the future of cyberspace as global, open, free, stable and safe, based on the observance of human rights, fundamental freedoms and democratic values, which are the guarantee of socio-economic and political development of Ukraine.

Ukraine will continue to actively participate in the international dialogue on responsible behavior of states in cyberspace based on compliance with the principles of international law, the UN Charter, as well as norms, rules and principles of responsible state behavior. This will require greater coordination and consolidation of interested parties at international forums, in which Ukraine will be not only a participant, but also an initiator and organizer.

Ukraine will maximally support a multi-stakeholder (multilateral) model of Internet management, promoting international, regional and national discussions on this issue, involving representatives of the private sector, scientific and educational circles, civil society institutions in this process. Attempts by individual authoritarian states to sovereignize the Internet contradict the long-term interests of Ukraine and its model of socio-economic development.

Ukraine will promote further compliance with international law and standards in the field of human rights, encourage the use of best practices, and intensify its efforts to prevent abuse of new technologies. To this end, Ukraine will intensify its participation and partnership in international standardization and certification processes in the field of cyber security, expand its representation in international, regional and other standardization bodies, organizations engaged in the development of standards and certification in this field.

In matters of developing standards in the fields of new technologies (in particular, regarding artificial intelligence, cloud technologies, quantum computing and quantum communications) and the basic architecture of the Internet, Ukraine proceeds from the fact that the Internet should remain global and open, that technologies should be focused on people and their basic freedoms, should guarantee non-interference in their private lives and ensure their privacy in cyberspace, and that any restrictions should be made only in accordance with the law. The use of technology must be legal, safe and ethical. At the same time, in connection with the complication of international security in cyberspace, Ukraine will take a more active position in UN discussions and other international forums to promote, coordinate and consolidate its position in the field of cyber security, reducing the danger of militarization of cyberspace.

Ukraine will develop a network of partnerships in the field of cyber security, building on existing formats and mechanisms of international cooperation and creating new ones.

8. Mechanisms of implementing the strategy and ensuring openness

The coordinator of the implementation of this Strategy is the working body of the National Security and Defense Council of Ukraine – the National Cyber Security Coordination Center.

The implementation of the Strategy is directly carried out by the main subjects of the national cyber security system, the Ministry of Foreign Affairs of Ukraine, the Ministry of Digital Transformation of Ukraine, the Ministry of Education and Science of Ukraine and other subjects of cyber security within their competence.

The main criterion for the effectiveness of the Strategy is the achievement of the goal and strategic goals through the implementation of defined strategic tasks.

The National Coordination Center for Cyber Security provides (for the entire period of validity of the Strategy) the planning of the implementation of the Strategy, coordinates and monitors the status of its implementation and effectiveness in the forms defined by the law.

The Strategy implementation plan, developed by the National Cyber Security Coordination Center and approved in accordance with the established procedure, is the basis for the annual planning by cyber security entities of measures to implement the Strategy.

The Cabinet of Ministers of Ukraine, in accordance with the established procedure, provides the necessary forces, means and resources for the implementation of measures for the implementation of the Strategy.

The results of the implementation of the planned measures for the implementation of the Strategy are submitted by the subjects of cyber security to the National Coordination Center of Cyber Security.

The effectiveness of the implementation of the Strategy is determined in reviews, carried out in the prescribed manner, of the state of:

national cyber security system;

cyber protection of state information resources and critical information infrastructure.

The results of the reviews may become the basis for making changes to the Strategy Implementation Plan and/or annual Strategy implementation action plans due to the need to adapt to changes in the security environment, eliminate and minimize negative trends in the field of cyber security.

The strategy is the basis for justifying the distribution of material, personnel and other resources necessary to ensure cyber security.

Funding of measures for the implementation of the Strategy will be carried out within the limits of expenditures provided for by the State Budget of Ukraine and from other sources not prohibited by law. For the purpose of coordination, the National Cyber Security Coordination Center, during the preparation of materials for meetings of the National Security and Defense Council of Ukraine regarding the draft Law of Ukraine on the State Budget of Ukraine and proposals to the Budget Declaration on articles related to ensuring the national security and defense of Ukraine, analyzes the proposals of the entities ensuring the cyber security of Ukraine regarding the financing of cyber security measures provided for by the provisions of the Cyber Security Strategy of Ukraine, and provides relevant proposals.

According to the legislation, government bodies, enterprises, institutions and organizations will foresee financial costs for cyber security in their plans. In the framework of public-private partnership, international technical assistance, investments will be attracted, which will be directed to the development of the national cyber security system.

Every year, the National Coordination Center for Cyber Security publishes a public report on the state of implementation of the Strategy based on general assessments.

The Strategy implementation process should be as transparent and open as possible and accompanied by democratic civil control. For this purpose, the main subjects of the national cyber security system, within their competence, will additionally inform the public annually through their own official websites about the status of their implementation of the Strategy and the status of funding of relevant measures.

9. Measures of success (metrics)

The effectiveness of the implementation of the Strategy will be determined through constant monitoring of its implementation and will be based on a clear system of indicators of the state of cyber security, which will be developed during the first year of the implementation of the Strategy.

Indicators should determine the progress achieved by cyber security entities in the implementation of the Strategy on such issues as:

execution of strategic tasks within the goals defined by the Strategy (for each task);

achievement of strategic goals defined by the Strategy (for each goal);

the level of influence of measures carried out within the framework of the Strategy on the national cyber security system and the digital transformation of the state.

The implementation of indicators of the state of cyber security will ensure the improvement of the process of monitoring the implementation of the Strategy in real time using modern web resources (online platforms), transparency of the measures taken for society and the state. Strengthening the impact of the national cyber security system on social development will be determined by the following criteria:

the level of public trust in the state regarding the safety of cyberspace;

formation of a safe information society in which, in addition to state institutions, private entities and citizens are involved in cyber security measures;

the level of protection of national interests in the field of cyber security (as an example, the level of influence on the development of the situation related to the aggression of the Russian Federation against Ukraine).

With the help of an extensive system of indicators, the state of achieving the conditions for the safe functioning of cyberspace, its use in the interests of the individual, society and the state will be determined.

The system of indicators will include basic indicators of the state of cyber security, indicators of the development of the national cyber security system and indicators of the state of cyber protection of critical information infrastructure, state information resources and information, the requirement for the protection of which is established by law, which will make it possible to comprehensively assess the effectiveness and efficiency of the implementation of the Strategy.

Ukraine will develop the national cyberspace as global, open, free, stable and safe for the protection of state sovereignty, social and economic development of society.

Based on the results of the implementation of the Strategy, Ukraine, in cooperation with the private sector and with the involvement of international partners, will ensure:

resilience to cyber threats by increasing the ability of government agencies, businesses and citizens to protect themselves and respond to cyber threats;

the ability to effectively counter unfriendly actions in cyberspace, ensuring their quick detection and investigation, the creation of an effective system of preventive measures to prevent such actions, as well as the ability to conduct offensive operations in cyberspace;

the development of personnel potential and the innovative cyber security market, which will contribute to the creation of national developments at the level of best global practices to ensure the ability to counter future cyber threats.

Head of the Office of the President of Ukraine A. Yermak