Про основні засади заб... | on October 5, 2017 № 2163-VIII (Print version)
24/09/2022, 01:03
Official translation
Last modification: 11.06.21 12:27:56
L AW O F U K R A I N E
On the Basic Principles of Cybersecurity in Ukraine
(The Official Bulletin of the Verkhovna Rada (BVR), 2017, No. 45, Article 403)
{As amended by Laws
No. 2469-VIII of 21 June 2018, BVR, 2018, No. 31, Article 241
No. 720-IX of 17 June 2020, BVR, 2020, No. 47, Article 408
No. 912-IX of 17 September 2020}
This Law defines the legal and organisational basis for the protection of the vital interests of
individuals and citizens, society and the state, national interests of Ukraine in cyberspace, the main
objectives, directions and principles of public policy in the field of cybersecurity, the powers of state
bodies, enterprises, institutions, organisations, individuals and citizens in this field, and the main basis
for the co-ordination of their activities to ensure cybersecurity.
Article 1. Definitions
1. For the purposes of this Law, the following definitions shall apply:
1) cyber threat indicators – indicators (technical data) used to detect and respond to cyber threats;
2) information on a cybersecurity incident – information on the circumstances of a cyber incident,
in particular, which objects of cyber defence were attacked and under which conditions, which were
successfully detected, neutralised, which were prevented using which cyber defence means, including
which cyber threat indicators were used;
3) cybersecurity incident (hereinafter referred to as cyber incident) – an event or series of adverse
events of an unintentional nature (natural, technical, technological, erroneous, including due to human
factor) and/or those that have signs of a possible (potential) cyberattack, which threaten the security of
electronic communications systems, technological process control systems, create the possibility of
disruption of the normal operation of such systems (including disruption and/or blockage of system
work, and/or unauthorised management of its resources), endangering the security (safety) of
electronic information resources;
4) cyberattack is a targeted (deliberate) act in cyberspace, which is carried out through electronic
communications (including information and communication technologies, software, firmware, other
technical and technological instrumentalities and equipment) and is aimed at achieving one or a
combination of the following goals: violation of confidentiality, integrity, availability of electronic
information resources processed (transmitted, stored) in communication and/or technological systems,
obtaining unauthorised access to such resources; violation of security, stable, reliable and regular
functioning of communication and/or technological systems; use of communication system, its
resources and electronic communication means for cyberattacks on other objects of cyber defence;
5) cybersecurity is the protection of vital interests of individuals and citizens, society and the state
in the use of cyberspace, which ensures the sustainable development of information society and the
digital communication environment, timely detection, prevention and neutralization of real and
potential threats to the national security of Ukraine in cyberspace;
6) cyber threat – existing and potentially possible phenomena and factors that pose a threat to
vital national interests of Ukraine in cyberspace, have a negative impact on the state's cybersecurity,
cybersecurity and cyber defence of its facilities;
7) cyber defence – a set of organisational, legal, engineering and technical measures, as well as
measures of cryptographic and technical protection of information, aimed at preventing cyber
incidents, detecting and protecting against cyberattacks, eliminating their consequences, restoring
consistency and reliability of functioning of communication and technological systems;
8) cybercrime (computer crime) – a socially dangerous criminal act in cyberspace and/or with its
use, the liability for which is provided by the law of Ukraine on criminal liability and/or which is
recognised as a crime by the international treaties of Ukraine;
9) cybercrime – a set of cybercrimes;
10) cyber defence – a set of political, economic, social, military, scientific, scientific-technical,
informational, legal, organisational and other activities carried out in cyberspace and aimed at
protecting the sovereignty and defence capabilities of a state, preventing armed conflict and repelling
https://zakon.rada.gov.ua/laws/show/en/2163-19/print
Page 1 of 12