Skip to content Skip to sidebar Skip to footer
Ваш AI помічникНовий чат
    Open chat icon

    On the Approval of Requirements for Cyber Incident Response Service

    This Order of the State Service of Special Communications and Information Protection (SSSCIP) No. 360 of May 19, 2026, establishes clear standards for the provision of cyber incident response services in Ukraine. The document defines the list of services to be provided by the national (CERT-UA), sectoral, and regional computer security incident response teams (CSIRTs). It is aimed at unifying the processes of detection, analysis, and remediation of the consequences of cyberattacks to increase the overall level of the state’s cyber defense. The document is mandatory for compliance by entities included in the national response system.

    **Structure and Main Provisions:**
    The Order consists of a regulatory part and an annex titled “Requirements for Cyber Incident Response Services.” The document structures the activities of response teams into five categories of services: cyber security event management, cyber incident management, vulnerability management, situational awareness, as well as education and training. Compared to previous approaches, this act details the functional responsibilities of the teams, defines mechanisms of interaction between them and users, and establishes rules for information exchange (in particular, the TLP protocol).

    **Key Provisions for Practical Use:**
    1. **Categorization of Services:** Response teams now have a clear list of functions (e.g., artifact analysis, fuzzing, vulnerability coordination), which allows cybersecurity entities to understand exactly what kind of assistance they can count on.
    2. **Procedure for Service Provision:** It is determined that services in the “Cyber Incident Management” category are provided without the conclusion of agreements, which is critically important for operational response during attacks.
    3. **Coordination:** The document establishes a mechanism for interaction with the Joint Response Group under the National Coordination Center for Cybersecurity (NCCC) in the event that an incident escalates into a crisis situation.
    4. **Accountability:** Bodies that have established response teams are required to approve and publish the list of services that these teams provide, which ensures transparency for users.

    Full text by link

    Leave a comment

    E-mail
    Password
    Confirm Password
    Lexcovery
    Privacy Overview

    This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.