ArmInfo. The Armenian government, based on advanced international experience, proposes to create a specialized body in the field of regulation of information systems. On August 14, the Cabinet of Ministers of the Republic of Armenia approved the draft laws "On Cybersecurity", "On Public Information", "On Regulation of Information Systems", as well as a package of related laws.
As stated in the explanation to the draft law "On Cybersecurity", the adoption of the document is due to the need to ensure the safe and reliable operation of information systems and critical information infrastructures in physical and virtual spaces, which is a guarantee of the proper provision of services in the public and private sectors and ensuring their normal functioning.
"The scope of regulation of the proposed draft law covers relations related to the uninterrupted functioning of information systems and (or) critical information infrastructures used to provide vital services in the Republic of Armenia, ensuring the availability, integrity, confidentiality of information processed, distributed, stored, transmitted and published in them, notification of cyber incidents, their prevention and resolution, requirements for cybersecurity service providers, compliance assessment or audit, as well as the implementation of control and supervision over compliance with the requirements of this law>, the document says.
The draft law clarifies the powers of the body developing state policy in the field of cybersecurity, represented by the Ministry of High-Tech Industry of the Republic of Armenia, and the body ensuring the implementation of policy in the field of cybersecurity, represented by the autonomous body, as well as other competent state bodies in the specified area.
It is noted that the adoption of the bill will create a legal basis for the development of a comprehensive state policy and action plan in the field of cybersecurity, an inventory of cybersecurity challenges and risks, their classification, the definition of coordinated measures and principles for responding to cyber incidents, strengthening cybersecurity in emergency situations and under martial law, the development of an additional action plan and corresponding scenarios, clarification of roles and responsibilities, planning and conducting cyber exercises, and the implementation of programs aimed at raising awareness among the general public and the level of cyber literacy.
Within the framework of the draft law , it is expected that the state information system will be established, developed and modernized, a unified information policy will be implemented, and the formation, development and modernization of the state information system will create an opportunity for more effective implementation of the goals of digitalization of Armenia, digital transformation of public administration, economy and society.
The adoption of the draft law will allow the creation of a relevant body in the Republic of Armenia with the status of an autonomous body, which will ensure compliance with the above-mentioned basic principles to the maximum extent possible.
As noted in the explanatory note to the document, this body will exercise regulatory powers in the following main areas:
Data Processing Center: Implementation, management and maintenance of state decisions on digitalization, ensuring uninterrupted operation in 24/7 mode, monitoring and ensuring the security of data, digital storage and systems in accordance with international standards, implementation of modern cloud infrastructures, services and technologies, which will also be available to the private sector.
Cybersecurity Center: Development of cybersecurity standards and verification of compliance of information systems in vital sectors, expert consultations, monitoring of the level/state of cybersecurity, development and adoption of minimum cybersecurity requirements, as well as implementation of various programs to improve the cyber literacy of citizens and civil servants.
"Within this area, in order to ensure the security of the state information system, the body is assigned the function of limiting the possibility of using state information systems and the level of data exchange (x- road). It should be taken into account that these systems are created and formed at the expense of the state budget, are critical infrastructures, contain a security component and are aimed at providing the population with uninterrupted, safe and high-quality services. To implement this function, the body must have clear legislative provisions and an authorizing regulatory framework.
With the adoption of the bill, the total amount of annual wages and social security as a result of full staffing of the relevant positions and employees of the body will be about 6 billion drams. When calculating the costs, we took into account the fact that the wages of employees of professional departments are high on the market, and these teams will make up the bulk of the body's staff," the authors of the initiative noted.
