Presidential Decree of the Republic of Azerbaijan
from March 5, 2013 of No. 833
About ensuring activities of Cyber Security Center under the Ministry of Communications and High Technologies of the Republic of Azerbaijan.
Being guided by Item 32 of Article 109 of the Constitution of the Azerbaijani Republic, according to the Presidential decree of the Republic of Azerbaijan. from September 26, 2012 of No. 708 I decide:
1. To approve "Statute on Cyber Security Center under the Ministry of Communications and High Technologies of the Republic of Azerbaijan. it (is applied).
2. To the Cabinet of Ministers of the Republic of Azerbaijan to solve the questions following from this Decree.
President of the Republic of Azerbaijan.
It is approved as the Presidential decree of the Republic of Azerbaijan. from March 5, 2013 of No. 833
Statute on Cyber Security Center under the Ministry of Communications and High Technologies of the Republic of Azerbaijan.
1. General provisions
1.1. Cyber Security Center under the Ministry of Communications and High Technologies of the Republic of Azerbaijan. (further - Centre) is created according to the part 5 of the Presidential decree oof the Republic of Azerbaijan from September 26, 2012 of No. 708 and is binding structure - the state body ensuring coordination of activities of subjects of information infrastructure in the field of cybersecurity, informing at level of the country about existing and possible cyberthreats, education of the population, quotients and other structures (further - users) in the field of cybersecurity, and rendering of the methodical assistance by it.
1.2. In the activities the Centre is guided by the Constitution of the Republic of Azerbaijan, the laws of the Republic of Azerbaijan, decrees and instructions of the President of the Republic of Azerbaijan, resolutions and instructions of the Cabinet of Ministers of the Republic of Azerbaijan, the international treaties which participant is the Republic of Azerbaijan, Regulations on the Ministry of Communications and High Technologies of the Republic of Azerbaijan (further - the Ministry), the regulatory legal acts accepted by the Ministry, and this Provision.
1.3. In case of accomplishment of the tasks and implementation of the rights the Centre interacts with the Ministry and the structures subordinated to it which are not entering into its structure, central and local executive bodies, local government bodies and non-governmental organizations, the international organizations, and also the legal entities and physical persons specializing in information security field.
1.4. The center has the separate balance, state-owned property at disposal its instruction, treasurer and banking scores, the seal with the image of the State Emblem of the Republic of Azerbaijan and own name, the appropriate stamps and forms.
1.5. Maintenance costs of Centre and financing of its activities are performed at the expense of means of the government budget of the Republic of Azerbaijan and other sources provided by the law.
1.6. The center is located in the city of Baku.
2. Activities of Centre
2.1. Activities of Centre are:
2.1.1. coordination of activities of subjects of information infrastructure in the field of cybersecurity;
2.1.2.collection and analysis of information incoming from users, software and hardware producers, similar structures in foreign countries and other sources, about cyber security attacks, illegal intrusions and malicious codes against Information systems and networks, computer equipment and software, and the resources of local and corporate information systems.
2.1.3. implementation of informing at level of the country about existing and possible cyber threats, ensuring education of users in the field of cybersecurity;
2.1.4. preparation of the instructions directed on prevention of cyber threats, including about programs, means which can be used against users, provision of recommendations by it, ensuring methodical support;
2.1.5. for the purpose of prevention of global cyberattacks to general Internet traffic implementation together with the national Internet operator of the stopping actions approved with the Ministry;
2.1.6. interaction with other appropriate structures performing activities in the country for the purpose of ensuring of preparation on cybersecurity.
3. Tasks of Centre
3.1. According to the activities established by these Provision the Centre carries out the following tasks:
3.1.1. regularly analyzes the condition of general cybersecurity in the country;
3.1.2. coordinates activities of subjects of the information infrastructure performing activities in the country in the field of cybersecurity;
3.1.3. collects and analyzes information from foreign and other sources about cyber threats and programs, the means applied to their prevention, arriving from users, software manufacturers and the technical equipment, local and foreign centers on fight against computer incidents;
3.1.4. considers the addresses arriving in connection with illegal TV and radio broadcasting in the territory of the country, and also establishment of the signals hindering existing telebroadcastings, operation of satellite systems, and takes adequate measures;
3.1.5. based on study and the analysis of the international experience in area of ensuring cybersecurity performs informing at level of the country about cyber threats, prepares recommendations about the choice and application of rational programs and the means ensuring prevention of cases of the unauthorized input in information systems;
3.1.6. ensures education of users in the field of cybersecurity, rendering of the methodical assitance by it;
3.1.7. for the purpose of prevention of cyberattacks to general Internet traffic performs together with national the Internet the operator the stopping actions approved with the Ministry, and provides it the report;
3.1.8. for the purpose of suppression of cyber threats against users, establishments of sources of the occurred cyberattacks and implementation of adequate measures collects and stores data on them;
3.1.9. ensures according to the procedure, provided by the law, protection of information received in case of elimination of cyberthreats;
3.1.10. analyzes the software and the technical equipment, widely used by users in the country from the point of view of safety, makes recommendations about elimination the weaknesses revealed in them;
3.1.11. carries out the analysis of applied technological innovations for protection against the possible cyber threats, the new created cyber threats, methods and means of their sale;
3.1.12. for the purpose of detection of cyber threats and their suppression performs audit of information systems and networks based on reversal of their owners together with the appropriate structural subdividings of the Ministry of information security of the Republic of Azerbaijan and Special Service of State Security of the Republic of Azerbaijan;
3.1.13. spreads information on methods and means for ensuring cybersecurity, and also programs with open codes;
3.1.14. cooperates with software manufacturers and the technical equipment in the field of the cybersecurity, similar structures in other countries and the international organizations;
3.1.15. creates own official Internet information resource and with its help performs education and informing on activities of Centre, and also in the field of cybersecurity;
3.1.16. prepares bulletins, instructions and recommendations about the acquired information, tangently cyber threats, and also programs applied to their suppression and technical threats, including annual statistic reports on cybersecurity, and publishes on the official Internet and information resource;
3.1.17. will organize operational acceptance of convergence on the occurred cyber threats and takes adequate measures;
3.1.18. trains, seminars for increase of professional training of specialists with involvement of local and foreign experts in the field of cybersecurity;
3.1.19. provides to the relevant state bodies information on establishment of threats in the field of cybersecurity, their suppression, and also the occurred violations of the law;
3.1.20. for the purpose of increase of level of cybersecurity in the country gives proposals to the Ministry;
3.1.21. considers the arrived statements and the claims connected to activities of Centre, and according to the procedure, established by the law, performs measures.
4. Rights of Centre
4.1. The Center has the following rights:
4.1.1. to address in connection with the cyber threats directed or which can be directed against information systems and networks, computer hardwares and their softwares;
4.1.2. for the purpose of receipt of information to give requests on cybersecurity to state bodies and local government bodies, physical persons and legal entities, including operators and Internet service providers;
4.1.3. quickly to receive information on cyber threats and their results from the computer emergency response teams which perform activities in the country;
4.1.4. to give proposals to the Ministry for prevention of cyber threats in information systems and networks, the technical equipment which activities can cause the damage to the general circle of the cybersecurity of the country;
4.1.5. for study, the solution of the questions relating to activities, and also rendering of consulting services to attract according to the procedure, established by the law, research and development and educational institutions, the companies, independent experts and specialists, to create working groups, the commissions;
4.1.6. for study and application of the international experiment on activities creates business connections with relevant international organizations and the appropriate structures of foreign countries.
5. Organization of activities of Centre
5.1. The numerical composition of Centre establishes the Cabinet of Ministers of the Republic of Azerbaijan. The structure and the staff list of Centre are approved by the Ministry.
5.2. The director leads activities of Centre . The director of Centre and his deputy appoints to the post and the Minister of Communications and HighTechnologies of the Republic of Azerbaijan dismisses.
5.3. Director of Centre:
5.3.1. will organize activities of Centre and directs it;
5.3.2. delivers in the Ministry for reviewing the reports concerning approval of the current (annual) and perspective working plans of Centre and their accomplishment;
5.3.3. prepares and represents to the Ministry for approval the salary fund and within number of workers structure of Centre, the staff list and in limits and the selected budget assignment, and also on the means received for the score of other sources - the expense budget;
5.3.4. ensures effective use to destination selected for the organization of activities of Centre of budgetary funds, the credits, grants and other financial resources;
5.3.5. according to the legislation of the Republic of Azerbaijan appoints to the post and dismisses workers of Centre;
5.3.6. according to the procedure, provided by the law, takes concerning workers of Centre measures of encouragement and authority punishment;
5.3.7. gives mandatory orders for execution and the instruction;
5.3.8. represents Centre in ratios with state bodies, municipalities of domicile, legal entities and physical persons without the power of attorney;
5.3.9. ensures implementation of the rights and the tasks established by this Provision;
5.3.10. The center carries financial accounting of results of the activities according to the legislation, represents accounting and statistic reports to the Ministry and the state financial bodies.