Thursday, September 3, 2020

European information security standards in Ukraine

The Verkhovna Rada of Ukraine adopted the law "On Amendments to the Law 'On Information Protection in Information and Telecommunication Systems' regarding confirmation of the compliance of the information system with information protection requirements".

The law adopted, for the territory of Ukraine, the requirements of the ISMS family of standards for certain categories of information whose protection is ensured by the legislation of Ukraine. The law also amended the basic requirements for the protection of information, as well as the criteria for establishing compliance with these requirements.

The corresponding changes were made to the Law of Ukraine "On Information Protection in Information and Telecommunication Systems". For the most part they affected the ways of confirming the compliance of the information system with information protection requirements, by establishing appropriate criteria.

The explanatory note to the above document states that the main purpose of adopting this law is to integrate European requirements and criteria for assessing information protection against cyber threats with the Ukrainian legislative data protection system. The standards in question are those that regulate data protection and cybersecurity issues: information security management systems (ISMS, Information Security Management System).

The law touched upon the main topics of protection and exchange of information, such as cryptographic protection of information. It established the main points and requirements for the placement and storage of basic information resources, their protection, and other regulatory requirements, both general and industry-specific.

The adoption of this law is undoubtedly a step forward for information security in Ukraine. The implementation of international standards, the European ISMS, will provide uniform cybersecurity requirements for companies of all sizes, thanks to a single independent standards base. It will also, unambiguously, facilitate the procedure for confirming the compliance of systems with information security requirements, as well as public procurement in government agencies and organizations where information protection is ensured by law.
