{"id":18341,"date":"2026-07-08T10:10:59","date_gmt":"2026-07-08T07:10:59","guid":{"rendered":"https:\/\/lexcovery.com\/2026\/07\/on-the-approval-of-requirements-for-cyber-incident-response-service\/"},"modified":"2026-07-08T10:10:59","modified_gmt":"2026-07-08T07:10:59","slug":"on-the-approval-of-requirements-for-cyber-incident-response-service","status":"publish","type":"post","link":"https:\/\/lexcovery.com\/en\/2026\/07\/on-the-approval-of-requirements-for-cyber-incident-response-service\/","title":{"rendered":"On the Approval of Requirements for Cyber Incident Response Service"},"content":{"rendered":"<p>This Order of the State Service of Special Communications and Information Protection (SSSCIP) No. 360 of May 19, 2026, establishes clear standards for the provision of cyber incident response services in Ukraine. The document defines the list of services to be provided by the national (CERT-UA), sectoral, and regional computer security incident response teams (CSIRTs). It is aimed at unifying the processes of detection, analysis, and remediation of the consequences of cyberattacks to increase the overall level of the state\u2019s cyber defense. The document is mandatory for compliance by entities included in the national response system.<\/p>\n<p>**Structure and Main Provisions:**<br \/>\nThe Order consists of a regulatory part and an annex titled \u201cRequirements for Cyber Incident Response Services.\u201d The document structures the activities of response teams into five categories of services: cyber security event management, cyber incident management, vulnerability management, situational awareness, as well as education and training. Compared to previous approaches, this act details the functional responsibilities of the teams, defines mechanisms of interaction between them and users, and establishes rules for information exchange (in particular, the TLP protocol).<\/p>\n<p>**Key Provisions for Practical Use:**<br \/>\n1. **Categorization of Services:** Response teams now have a clear list of functions (e.g., artifact analysis, fuzzing, vulnerability coordination), which allows cybersecurity entities to understand exactly what kind of assistance they can count on.<br \/>\n2. **Procedure for Service Provision:** It is determined that services in the \u201cCyber Incident Management\u201d category are provided without the conclusion of agreements, which is critically important for operational response during attacks.<br \/>\n3. **Coordination:** The document establishes a mechanism for interaction with the Joint Response Group under the National Coordination Center for Cybersecurity (NCCC) in the event that an incident escalates into a crisis situation.<br \/>\n4. **Accountability:** Bodies that have established response teams are required to approve and publish the list of services that these teams provide, which ensures transparency for users.<\/p>\n<p><a href=\"https:\/\/zakon.rada.gov.ua\/go\/z0817-26\/ed20260519\"><strong>Full text by link<\/strong><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>This Order of the State Service of Special Communications and Information Protection (SSSCIP) No. 360 of May 19, 2026, establishes clear standards for the provision of cyber incident response services in Ukraine. The document defines the list of services to be provided by the national (CERT-UA), sectoral, and regional computer security incident response teams (CSIRTs).&hellip;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_bbp_topic_count":0,"_bbp_reply_count":0,"_bbp_total_topic_count":0,"_bbp_total_reply_count":0,"_bbp_voice_count":0,"_bbp_anonymous_reply_count":0,"_bbp_topic_count_hidden":0,"_bbp_reply_count_hidden":0,"_bbp_forum_subforum_count":0,"pmpro_default_level":"","footnotes":""},"categories":[15,45],"tags":[],"class_list":["post-18341","post","type-post","status-publish","format-standard","hentry","category-ukrainian-legislation-general-en","category-ukrainian-legislation-important","pmpro-has-access"],"acf":{"patreon-level":0},"_links":{"self":[{"href":"https:\/\/lexcovery.com\/en\/wp-json\/wp\/v2\/posts\/18341","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lexcovery.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lexcovery.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lexcovery.com\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/lexcovery.com\/en\/wp-json\/wp\/v2\/comments?post=18341"}],"version-history":[{"count":0,"href":"https:\/\/lexcovery.com\/en\/wp-json\/wp\/v2\/posts\/18341\/revisions"}],"wp:attachment":[{"href":"https:\/\/lexcovery.com\/en\/wp-json\/wp\/v2\/media?parent=18341"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lexcovery.com\/en\/wp-json\/wp\/v2\/categories?post=18341"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lexcovery.com\/en\/wp-json\/wp\/v2\/tags?post=18341"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}