Cybersecurity and its Legal Regulation (Foreign and Russian Experience)

Abstract

Unmanageable and not well regulated nature of cyberspace, both on the national and the international level, is a serious problem for all governments of the world, therefore, the issue of ensuring cybersecurity in the cyberspace comes to the fore, and there is a need for regulatory documents to govern it. In this article, using the example of regulations of the European Union (the EU Cybersecurity Strategy, announced by the EU Commission and the High Representative of the Union for Foreign Affairs and Security Policy on 16 December 2020), the USA (the National Cybersecurity Strategy of the United States of America, 2018), the Republic of Kazakhstan (Concept of Cybersecurity (“Cyber Shield Kazakhstan”), 2017) and the Russian Federation (Draft Concept of the Cybersecurity Strategy of the Russian Federation, 2014) the main characteristics of legal regulation of cybersecurity issues are examined. The analysis of the main documents in the field of cybersecurity of the EU, the USA and the Republic of Kazakhstan showed that their emergence and significant modifications are caused by the fact that the entire world is undergoing a transition to a digital economy. In Russia, the implementation of the national project “Digital Economy” (2019) has also begun. However, within its framework, the federal project “Information Security” is being promoted. This is explained by the fact that Russia adopts a broader approach to “information security”, while other countries use the term cybersecurity in their regulations. The paper suggests that the national understanding of cybersecurity and its key priorities differ significantly, but the issues that they treat are common: building a state level management system in the field of cybersecurity; determination of the necessary cybersecurity policy and establishing the corresponding mechanism regarding the problems of ensuring the cybersecurity of national information infrastructures and a clear definition of the roles in its implementation. The divergence in various cybersecurity visions is one of the main reasons that lead to a deadlock that prevents productive discussion of cybersecurity and the setting of norms at the international level.