fbpx
Size of letters 1x
Site color
Image
Additionally
Line height
Letter spacing
Font
Embedded items (videos, maps, etc.)
 

By the end of the year, with the participation of business representatives, proposals for the legislative framework to promote public-private partnerships in the field of cybersecurity will be developed

26/ 09/ 2024
  On September 19, 2024, the Cybersecurity Subcommittee of the European Business Association held an extended meeting of the EBAs members with representatives from the Ministry of Digital Transformation of Ukraine and the State Service of Special Communications to discuss public-private partnership (PPP) in the field of cybersecurity. The meeting was initiated by the law firm Asters and supported by the Aspen Institute Kyiv, which is implementing the Cybersecurity Dialogue program in partnership with the USAID Ukraine Critical Infrastructure Cybersecurity Project. By the end of this year, the State Service of Special Communications, in accordance with the Resolution of the Cabinet of Ministers of Ukraine, is expected to propose a draft law on public-private partnerships in cybersecurity. The Co-chair of the Subcommittee, Yuriy Kotlyarov, presented Asters vision that the development of this draft law should be based on an understanding of the expectations of all parties. To achieve this, it is important to determine which problems need to be solved, which obstacles must be overcome, what goals both the public and private sectors should aim for, and which cybersecurity tasks relevant to Ukraine are best addressed through PPP mechanisms. A PPP is a mechanism where public and private partners combine their resources to tackle specific tasks, ensuring that both parties gain practical value and specific benefits from the partnership. PPP should also be considered an alternative, or even a primary, mechanism to strengthen Ukraines cybersecurity capabilities. This model should evolve into a service-based approach to government involvement, rather than one where the state acts solely as a source of regulatory demands. At present, the business community supports the legislative process for developing PPP initiatives in cybersecurity through the following stages: Stage I: Assessment of the current situation, including key and relevant areas of interaction for Ukraine (what?), formats of interaction (how?), and barriers to cooperation (what’s not working?). Stage II: Formulation of legal solutions (how to fix it?). Stage III: Drafting proposals for legislative acts. EBA members and company CISOs discussed current challenges in existing interactions, including: Lack of sufficient legal grounds and procedures for initiating and creating specific models of cooperation; Lack of adequate legal frameworks for cooperation that account for the interests of all parties (current memorandums, contracts, or verbal agreements do not provide lawful, effective, or adequate means of collaboration); Issues surrounding the disclosure of restricted information; Limitations on the use of state (military) assets, services, or other resources; A tendency for government agencies to rely on standard regulatory tools (requirements, inspections, sanctions) to achieve goals and tasks; Excessive bureaucratization of all processes; Limited awareness among businesses regarding the opportunities that could be developed within the PPP framework. At the same time, the business community highlighted key tasks to focus on during the development of PPP legislation, such as: Information sharing and response; Joint development of response recommendations; Training and creation of educational programs; Skills improvement, workforce training, and certification; Development of standards, consulting, and specialized services in areas requiring specific expertise and experience; Development of technological solutions; Infrastructure projects; Research and development projects. On behalf of the European Business Association, we extend our gratitude to the Ministry of Digital Transformation and the State Service of Special Communication for the open dialogue on PPP in cybersecurity. Our community is ready to be actively involved in drafting the legal framework to ensure the proper development of PPPs, which will result in a win-win solution for both the private and public sectors. Additionally, to raise awareness of information-sharing and cyber incident response opportunities, the Cybersecurity Subcommittee has scheduled a meeting between EBA members and CERT-UA.
01/

On September 19, 2024, the Cybersecurity Subcommittee of the European Business Association held an extended meeting of the EBA’s members with representatives from the Ministry of Digital Transformation of Ukraine and the State Service of Special Communications to discuss public-private partnership (PPP) in the field of cybersecurity.

The meeting was initiated by the law firm Asters and supported by the Aspen Institute Kyiv, which is implementing the “Cybersecurity Dialogue” program in partnership with the USAID Ukraine Critical Infrastructure Cybersecurity Project.

By the end of this year, the State Service of Special Communications, in accordance with the Resolution of the Cabinet of Ministers of Ukraine, is expected to propose a draft law on public-private partnerships in cybersecurity.

The Co-chair of the Subcommittee, Yuriy Kotlyarov, presented Asters’ vision that the development of this draft law should be based on an understanding of the expectations of all parties. To achieve this, it is important to determine which problems need to be solved, which obstacles must be overcome, what goals both the public and private sectors should aim for, and which cybersecurity tasks relevant to Ukraine are best addressed through PPP mechanisms.

A PPP is a mechanism where public and private partners combine their resources to tackle specific tasks, ensuring that both parties gain practical value and specific benefits from the partnership.

PPP should also be considered an alternative, or even a primary, mechanism to strengthen Ukraine’s cybersecurity capabilities. This model should evolve into a service-based approach to government involvement, rather than one where the state acts solely as a source of regulatory demands.

At present, the business community supports the legislative process for developing PPP initiatives in cybersecurity through the following stages:

  • Stage I: Assessment of the current situation, including key and relevant areas of interaction for Ukraine (what?), formats of interaction (how?), and barriers to cooperation (what’s not working?).
  • Stage II: Formulation of legal solutions (how to fix it?).
  • Stage III: Drafting proposals for legislative acts.

EBA members and company CISOs discussed current challenges in existing interactions, including:

  • Lack of sufficient legal grounds and procedures for initiating and creating specific models of cooperation;
  • Lack of adequate legal frameworks for cooperation that account for the interests of all parties (current memorandums, contracts, or verbal agreements do not provide lawful, effective, or adequate means of collaboration);
  • Issues surrounding the disclosure of restricted information;
  • Limitations on the use of state (military) assets, services, or other resources;
  • A tendency for government agencies to rely on standard regulatory tools (requirements, inspections, sanctions) to achieve goals and tasks;
  • Excessive bureaucratization of all processes;
  • Limited awareness among businesses regarding the opportunities that could be developed within the PPP framework.

At the same time, the business community highlighted key tasks to focus on during the development of PPP legislation, such as:

  • Information sharing and response;
  • Joint development of response recommendations;
  • Training and creation of educational programs;
  • Skills improvement, workforce training, and certification;
  • Development of standards, consulting, and specialized services in areas requiring specific expertise and experience;
  • Development of technological solutions;
  • Infrastructure projects;
  • Research and development projects.

On behalf of the European Business Association, we extend our gratitude to the Ministry of Digital Transformation and the State Service of Special Communication for the open dialogue on PPP in cybersecurity. Our community is ready to be actively involved in drafting the legal framework to ensure the proper development of PPPs, which will result in a win-win solution for both the private and public sectors.

Additionally, to raise awareness of information-sharing and cyber incident response opportunities, the Cybersecurity Subcommittee has scheduled a meeting between EBA members and CERT-UA.

If you have found a spelling error, please, notify us by selecting that text and pressing Ctrl+Enter.

Start
in the Telegram bot
Read articles. Share in social networks

Spelling error report

The following text will be sent to our editors: