President Shavkat Mirziyoyev of Uzbekistan signed a decree on March 10 approving the Cybersecurity Strategy for 2026-2030. The document outlines several key directions for ensuring the country's digital development and information security. One of the strategy's primary objectives is achieving technological independence in the cybersecurity sphere.

A Coordinating National Council for Cybersecurity and Combating Cybercrime will be established under the Secretary of the Security Council under the President. By July 1, working groups of ministries and agencies must submit to the council an assessment of the cybersecurity status of digital government and banking-financial sector information systems. Additionally, the State Security Service (SSS) will conduct competitions to identify vulnerabilities with the participation of independent experts to enhance the resilience of national information systems and resources against modern cyberattacks.

Starting April 1, specialized cybersecurity units with at least four staff members will be formed in the Ministry of Justice, Ministry of Energy, and Tax Committee. The personal responsibility of heads of state bodies for implementing cyber protection measures is being strengthened, and tougher liability for violations of cybersecurity legislation is envisaged. From April 1, state bodies are required to allocate funds for cybersecurity within their budgets and extra-budgetary funds.

A national Security Operations Center (SOC) system for monitoring and responding to cybersecurity incidents is being established. Systems for detecting vulnerabilities and shortcomings will be implemented in the information systems and resources of state bodies and organizations, as well as at critical information infrastructure facilities. Rapid information exchange on new cyber threats and vulnerabilities will be organized, and a system for alerting cybersecurity sector participants will be created.

Plans include strengthening the work of law enforcement agencies in preventing, detecting, and exposing cybercrimes. According to the strategy, the preparedness level of rapid response teams dealing with cyberattacks must be continuously improved. Higher education institutions of law enforcement structures will train cybercriminals. More effective investigation of such crimes is envisaged through the active introduction of modern methods of operational-search and investigative activities.

A separate section is dedicated to combating telephone and internet fraud. Plans include creating an anti-phishing platform that automatically identifies fraudulent websites. Mechanisms for detecting and blocking suspicious calls or warning about them are also envisaged. Telecommunications operators may be obligated to block or filter suspicious and unwanted calls, including spam and advertising calls.

In upper grades of schools, classes on cyberculture will be introduced within the framework of educational hours. By the end of 2026, plans include developing online platforms with courses on cybersecurity fundamentals and preparing social videos for students and schoolchildren. Cybersecurity clubs will be established in regions to support talented youth.

Source: www.gazeta.uz