The CSTO model law On Information Security was adopted at the CSTO PA plenary session on November 29, 2021.
The draft model law was presented by Anatoly Vyborny, Chairman of the CSTO Parliamentary Assembly Standing Commission on Defence and Security, deputy Chairman of the Committee on Security and Corruption Control of the State Duma of the Federal Assembly of the Russian Federation. He said that its development was dictated by many reasons, including both the direct expansion of the range of threats to information security, including changes in their nature and intensity; and attempts by foreign states to obtain confidential national cybersecurity data.
It is known that the development of programmes to disrupt the software of various automated systems and theft and destruction of information have now become an industry of sorts. The number of so-called virus programmes is constantly growing, they are improving and becoming more and more dangerous.
The automation of various industrial and administrative processes means that malware is essentially becoming a weapon, not only for private individuals but also for public authorities.
And every day new cyberthreats and cyberattacks require more and more rapid response through joint actions of the CSTO States within the framework of common legal mechanisms.
That is why the innovations laid down in the model law are a logical development of a number of provisions of the CSTO model law On National Security and recommendations on ensuring information and communication security.
The law defines the content of information security activities, which includes identifying and assessing threats, developing and implementing modern technologies with information protection, compiling a unified list of individuals and organizations that carry out cyberattacks in order to establish effective mechanisms and rules for countering them.
Given the cross-border nature of the information space, the model law allows for the timely detection and countering of hybrid threats initiated by Western intelligence services and transnational corporations, and for the development of joint plans to repel information attacks, the introduction of secure information exchange technology between allies and joint steps to combat the deployment and financing of so-called “colour revolutions,” among other things.