Azerbaijan sets new cybersecurity rules for internet providers

New cybersecurity obligations are being introduced in Azerbaijan for owners of internet information resources and service providers.

According to Report, amendments have been proposed to the law "On Information, Informatization and Protection of Information." The draft was discussed at today's meeting of the Milli Majlis's (Parliament) Human Rights Committee.

Officials stated that the initiative aims to improve legal regulation in information security and cybersecurity, protect information infrastructure from cyber threats, establish institutional mechanisms, and define the legal basis for digital development processes.

The draft law introduces new concepts such as information infrastructure, cybersecurity, cyberspace, cyber hygiene, digital evidence, digital research, Computer Emergency Response Teams (CERT), Security Operations Centers (SOC), National CERT, and State CERT.

It also defines the rights and responsibilities of state bodies, infrastructure entities, CERTs, and SOCs in detecting, preventing, investigating, and eliminating cyber threats, attacks, and incidents.

The legislation outlines provisions for ensuring infrastructure security, conducting monitoring and audits, exchanging information on cyber incidents, carrying out digital research, financing digital development projects, and testing digital solutions in regulatory environments.

Additionally, internet providers, host providers, and resource owners will face new obligations in cybersecurity. The powers and scope of the National CERT will also be expanded.

It was emphasized that adoption of the draft will strengthen Azerbaijan's information security and cybersecurity systems, improve effectiveness in combating cyber threats, enhance infrastructure resilience, and ensure more efficient organization of digital development processes.