Cyber security
in Uzbekistan

The Uzbek cyber security law contains 30 points worth discussing to ensure more dynamic economic growth in the future. The regulation outlined in the white paper could form the basis for standardised cyber security regulation in the Central Asian economic region.

• Cyber security regulation is based on the three elements of minimum security, reporting and state authority.
• International cyber security laws explicitly (or implicitly) require information and data security management systems (ISMS).
• The protection of infrastructures through 3LoD has established itself internationally as the standard: it is proposed to expand to a fourth line of defence (4LoD) with the involvement of the Cyber Security Centre ZU.
• The Uzbek state should promote the development and operation of ISMS for critical infrastructures.
• Recommendation to subject the 30 identified points to critical appraisal while simultaneously increasing structural security.