Ukraine and Belarus Enhance Cybersecurity Legislation Amid Rising Threats
Severity: Medium (Score: 46.0)
Sources: Revera.Legal, Inkorr
Summary
In 2025, Ukraine's CERT-UA team managed around 6,000 cyber incidents, a significant rise from 2,500 in 2022, though major incidents decreased by 70%. This improvement is attributed to new cybersecurity laws, including Law No. 4336-IX, which aligns Ukraine's practices with the EU's NIS2 Directive. Key changes include mandatory Chief Information Security Officers for state bodies and critical infrastructure operators. Meanwhile, Belarus has introduced new liability provisions for cybersecurity violations through amendments to its Administrative Offences Code, signed into law on April 15, 2026. This law establishes specific penalties for cybersecurity breaches, particularly for critical information infrastructure. Both countries are focusing on enhancing their cybersecurity frameworks to better respond to ongoing threats in a hybrid warfare context. The full implementation of Ukraine's new cybersecurity norms is expected in 2026, while Belarus aims to enforce its new regulations promptly. Key Points: • Ukraine's CERT-UA reported 6,000 cyber incidents in 2025, up from 2,500 in 2022. • New Ukrainian laws require state bodies to appoint Chief Information Security Officers. • Belarus has introduced penalties for cybersecurity violations, effective April 15, 2026.