The latest cyber attack that affected almost all sectors of economy of Ukraine, not a little alarmed lawmakers. The other day the MPs were provided for review bill No. 6711, developed by the state special connection service by order of the national security Council – the introduction of adminotvetstvennosti for non-compliance of cyber security, writes UBR.
In theory, the bill should concern mostly civil servants, but the text written in such a way that the responsibility can be held and the officials of enterprises and organizations irrespective of forms of ownership, say lawyers.
“Currently in the bill the terms very vague that it’s always bad when we’re talking about any responsibility and the control of the state,” said senior associate “YUKK De jure” Alexander Gong.
As told the head of the Internet Association of Ukraine Alexander Fedenko, based on the text of the bill, the initiative is likely to affect those private enterprises that perform work for the public sector.
“Perhaps in the context of issues of national cyber security — increasing responsibility and appropriate. However, I would still have focused on criminal liability. But indirectly, the bill may have effects on private entities, which in principle is unacceptable,” added Fedienko.
- See also: Every tenth computer in Ukraine was infected by a virus Petya
Anyway, in the case of the adoption of the document, Ukraine will actually introduce a new type of administrative responsibility, and thus, new inspections and new penalties.
“Should be the criteria of inspections, as it is most likely not about the documentary and technical inspections of devices and systems,” says Fedirko.
Failure to comply with the requirements of the legislation in information security at the enterprise will face a fine from 850 to 1700 UAH. For repeated violation within a year would have to pay more — from 1700 to 2550 UAH.
According to experts, the responsibility, though, and administrative, should make the Ukrainian civil servants and everyone who has a direct relationship to databases, it is better to monitor their safety and to prevent situations such as in the latest cyber attack.
However, penalties are not a panacea, experts say. After all, you need to prevent an emergency, and not to make the debriefing. To make it real only with proper conduct of the information policy.
“At least, you need to remove a practical monopoly (after the ban of 1C) of such a system as M.E.Doc translate the license (and therefore updated in time) FOR state authorities or, alternatively, at open source software, etc.,” says Alexander Gong.
- Read also: due to virus attacks Petya in Ukraine changed the Tax code
Besides, the ways to appeal the penalties entrepreneurs and civil servants will stay. Accordingly, it will be possible to prove his innocence and avoid punishment.
“The process of checking will depend on who is authorized to draw up protocols and regulations on the administrative article. This may be a separate control. In any case, the decision on bringing to responsibility for the offence can be appealed in court”, — said the gun.
However, in the light of recent cyberattacks, the chances of acceptance of this initiative are large enough, despite its imperfections, experts say. “In the Wake of General exclamations that we have a war and we need to defend against the aggressor, the chances are very high,” says Alexander Fedenko.