NCSI FULFILMENT PERCENTAGE
Version 14 Feb 2025 Choose a version
STRATEGIC CYBERSECURITY INDICATORS
-
1. CYBERSECURITY POLICY 12/15 80%1215 80%
-
1.1. High-level cybersecurity leadership 333
Requirements
CriteriaThe country has appointed governmental leadership responsible for cybersecurity at the national level.
Accepted referencesLegal act, national strategy, official statutes or terms of reference, or official website
Evidence
Evidence presented in a foreign language
https://adilet.zan.kz/kaz/docs/G22IPM00147
Information Security Committee under the Republic of Kazakhstan’s Ministry of Digital Development, Innovation and Aerospace Industry, see “On amendments to the Order of the Acting Minister of Digital Development, Innovations and Aerospace Industry of the Republic of Kazakhstan No. 169/НН dated July 22, 2019 "On approval of the Regulations of the Republican State Institution "Information Security Committee of the Ministry of Digital Development, Innovations and Aerospace Industry of the Republic of Kazakhstan"”
https://www.gov.kz/memleket/entities/infsecurity/activities/directions?lang=kk
-
1.2. Cybersecurity policy development 333
Requirements
CriteriaThere is a competent entity in the central government to whom responsibility is assigned for national cybersecurity strategy and policy development.
Accepted referencesLegal act, official statute or terms of reference, or official website
Evidence
Evidence presented in a foreign language
https://adilet.zan.kz/kaz/docs/G22IPM00147
Information Security Committee under the Republic of Kazakhstan’s Ministry of Digital Development, Innovation and Aerospace Industry, see “On amendments to the Order of the Acting Minister of Digital Development, Innovations and Aerospace Industry of the Republic of Kazakhstan No. 169/НН dated July 22, 2019 "On approval of the Regulations of the Republican State Institution "Information Security Committee of the Ministry of Digital Development, Innovations and Aerospace Industry of the Republic of Kazakhstan"”, Chapter 2, No. 77
https://www.gov.kz/memleket/entities/mdai/about?lang=en
"The Ministry is engaged in the formation and implementation of the state policy in the field of digital development of the country, in the fields of innovation, communications, public services, electronic industry, as well as engaged in the development of e-government, coordination of the activities of the State Corporation "Government for Citizens", information security, aerospace industry, geodesy and cartography."
Evidence presented in a foreign language
https://www.gov.kz/memleket/entities/mdai/about/structure/1/1?lang=en
Information Security Committee → “The committee establishes public policy in the field of information security, and also maintains the level of national electronic information resources safety against external and internal threats.”
-
1.3. Cybersecurity policy coordination 003
Requirements
CriteriaThe country has a regular official format for cybersecurity policy coordination at the national level.
Accepted referencesLegal act, official statute or terms of reference, or official website
Evidence
-
1.4. National cybersecurity strategy 333
Requirements
CriteriaThe central government has established a national-level cybersecurity strategy defining strategic cybersecurity objectives and measures to improve cybersecurity across society.
Accepted referencesValid official document
Evidence
Evidence presented in a foreign language
-
1.5. National cybersecurity strategy action plan 333
Requirements
CriteriaThe central government has established an action plan to implement the national cybersecurity strategy.
Accepted referencesCurrent official document, legal act, or official statement
Evidence
https://adilet.zan.kz/kaz/docs/P2300000269
Resolution of the Government of the Republic of Kazakhstan No. 269 dated March 28, 2023, On approval of the Concept for the Development of Digital Transformation, Information and Communication Technologies and Cybersecurity for 2023-2029, see Appendix: Action Plan for the Implementation of the Concept for the Development of Digital Transformation, Information and Communication Technologies and Cybersecurity for 2023-2029, Direction IV. Cybersecurity
-
-
2. GLOBAL CYBERSECURITY CONTRIBUTION 4/6 67%46 67%
-
2.1. Cyber diplomacy engagements 333
Requirements
CriteriaThe government contributes to international or regional cooperation formats dedicated to cybersecurity and cyber stability. (The indicator is limited to strategic-level cooperation; operational-level incident response cooperation and cross-border law enforcement cooperation are addressed separately under other indicators.)
Accepted referencesOfficial website of the organisation or cooperation format, official statement or contribution
Evidence
https://eng.sectsco.org/20240421/1330779.html
The Shanghai Cooperation Organisation (SCO)
UN Open-ended Working Group (OEWG)
-
2.2. Commitment to international law in cyberspace 111
Requirements
CriteriaThe country has an official position on the application of international law, including human rights, in the context of cyber operations.
Accepted referencesOfficial document or statement, international indexes
Evidence
https://front.un-arm.org/wp-content/uploads/2021/08/A-76-136-EN.pdf
Official compendium of voluntary national contributions on the subject of how international law applies to the use of information and communications technologies by States submitted by participating governmental experts in the Group of Governmental Experts on Advancing Responsible State Behaviour in Cyberspace in the Context of International Security established pursuant to General Assembly resolution 73/266, United Nations General Assembly, 13 July 2021 (pp. 51-52)
-
2.3. Contribution to international capacity building in cybersecurity 002
Requirements
CriteriaThe country has led or supported cybersecurity capacity building for another country in the past three years.
Accepted referencesOfficial website or project document
Evidence
-
-
3. EDUCATION AND PROFESSIONAL DEVELOPMENT 6/10 60%610 60%
-
3.1. Cyber safety competencies in primary education 002
Requirements
CriteriaPrimary education curricula in the public education system include cyber safety (online safety, computer safety) competencies.
Accepted referencesOfficial curriculum or official report
Evidence
-
3.2. Cyber safety competencies in secondary education 002
Requirements
CriteriaSecondary education curricula in the public education system include cyber safety (online safety, computer safety) competencies.
Accepted referencesOfficial curriculum or official report
Evidence
-
3.3. Undergraduate cybersecurity education 222
Requirements
CriteriaAt least one undergraduate education programme is available in the country to train students in cybersecurity.
Accepted referencesAccredited study programme
Evidence
- International University of Information Technologies (IITU), bachelor’s degrees in Computer Security (6B06301) and Network Security (6B06303)
- Astana IT University, Bachelor in Information and Communication Technology on the educational program 6B06301 "Cyber Security"
- Al-Farabi Kazakh National University, Bachelor’s Degree in Information Security Systems (6B06301)
- L.N. Gumilyov Eurasian National University, Bachelor’s degree in Information Security Systems (6B06306)
- Almaty University of Power Engineering and Telecommunications, Bachelor's degree in Information security systems, see also webpage of the Department of Cyber Security
- Satbayev University, Bachelor’s Degree in Information Security, see also website of the Department of "Cybersecurity, Information Processing and Storage"
https://nuo.kz/en/departments/department-of-information-security/
National Defense University of the Republic of Kazakhstan
"Undergraduates are trained in the speciality “Cybersecurity and information security systems in military affairs”
-
3.4. Graduate cybersecurity education 333
Requirements
CriteriaAt least one cybersecurity education programme is available in the country at the graduate level.
Accepted referencesAccredited study programme
Evidence
Evidence presented in a foreign language
- International University of Information Technologies (IITU), master’s degree in Computer technologies and cybersecurity (7M06108)
- Al-Farabi Kazakh National University, master's degree in Information Security Systems (7M06301)
- L.N. Gumilyov Eurasian National University, Master’s degree in Information Security
- Almaty University of Power Engineering and Telecommunications, Master’s degree in Information Systems Security, see also webpage of the Department of Cyber Security
- Satbayev University, Master's Degree in Comprehensive Information Security, see also website of the Department of "Cybersecurity, Information Processing and Storage"
-
3.5. Association of cybersecurity professionals 111
Requirements
CriteriaA professional association of cybersecurity specialists, managers, or auditors exists in the country.
Accepted referencesOfficial website
Evidence
https://engage.isaca.org/astanachapter/home
ISACA – Astana Chapter
-
-
4. CYBERSECURITY RESEARCH AND DEVELOPMENT 2/4 50%24 50%
-
4.1. Cybersecurity research and development programmes 002
Requirements
CriteriaA cybersecurity research and development (R&D) programme or institute exists and is recognised and/or supported by the government.
Accepted referencesOfficial programme or official website
Evidence
-
4.2. Cybersecurity doctoral studies 222
Requirements
CriteriaAn officially recognised PhD programme exists accommodating research in cybersecurity.
Accepted referencesOfficial programme or official website
Evidence
Evidence presented in a foreign language
https://farabi.university/programs/1726
Al-Farabi Kazakh National University
- Information Security Systems (8D06301)
Evidence presented in a foreign language
L.N. Gumilyov Eurasian National University
https://satbayev.university/en/specialties/sistemy-informatsionnoy-bezopasnosti
Satbayev University
- PhD programme in Information Security Systems (D 095)
- See also website of the Department of "Cybersecurity, information processing and storage"
-
PREVENTIVE CYBERSECURITY INDICATORS
-
5. CYBERSECURITY OF CRITICAL INFORMATION INFRASTRUCTURE 12/12 100%1212 100%
-
5.1. Identification of critical information infrastructure 333
Requirements
CriteriaThere is a framework or a mechanism to identify operators of critical information infrastructure.
Accepted referencesLegal or administrative act
Evidence
https://adilet.zan.kz/eng/docs/Z1500000418
Law of the Republic of Kazakhstan dated 24 November 2015 № 418-V. On Informatization, Article 7-1. no. 3
"Article 7-1. Competence of the authorized body in the sphere of ensuring information security
Authorized body in the sphere of ensuring information security shall: (...)
3) develop a list of critically important objects of information and communication infrastructure, as well as the rules and criteria for classifying the objects of information and communication infrastructure as critically important objects of information and communication infrastructure;"
-
5.2. Cybersecurity requirements for operators of critical information infrastructure 333
Requirements
CriteriaOperators of critical (information) infrastructure are required to assess and manage cyber risks and/or implement cybersecurity measures.
Accepted referencesLegal act, or mandatory cybersecurity framework or standard
Evidence
https://adilet.zan.kz/eng/docs/Z1500000418
Law of the Republic of Kazakhstan dated 24 November 2015 № 418-V. On Informatization, see Article 54. (Organisation of protection of the objects of informatization) (1) no.1; (2) no. 1-8; (3-3.) and Article 7-1. no. 5
-
5.3. Cybersecurity requirements for public sector organisations 333
Requirements
CriteriaPublic sector organisations are required to assess and manage cyber risks and/or implement cybersecurity measures.
Accepted referencesLegal or administrative act, mandatory cybersecurity framework or standard
Evidence
https://www.gov.kz/memleket/entities/mdai/documents/details/adilet/P1600000832?lang=en
Decree of the Government of the Republic of Kazakhstan dated December 20, 2016 № 832. on approval of uniform requirements in the field of information and communication technologies and information security
"UR [Unified requirements in the field of information and communication technologies and ensuring information security] provisions related to information security shall be mandatory for application by state bodies, local executive bodies, state legal entities, quasi-public sector entities, owners and holders of non-state information systems, integrated with information systems of state bodies or intended for the formation of state electronic information resources, also owners and holders of critical information and communication infrastructure facilities."
-
5.4. Competent supervisory authority 333
Requirements
CriteriaA competent authority has been designated and allocated powers to supervise the implementation of cyber/information security measures.
Accepted referencesLegal act or official website
Evidence
Evidence presented in a foreign language
https://adilet.zan.kz/kaz/docs/G22IPM00147
Information Security Committee under the Republic of Kazakhstan’s Ministry of Digital Development, Innovation and Aerospace Industry, see “On amendments to the Order of the Acting Minister of Digital Development, Innovations and Aerospace Industry of the Republic of Kazakhstan No. 169/НН dated July 22, 2019 "On approval of the Regulations of the Republican State Institution "Information Security Committee of the Ministry of Digital Development, Innovations and Aerospace Industry of the Republic of Kazakhstan"”, Chapter 2, Duties (13. 2))
https://sts.kz/en/activity/msib/
National Coordination Center for Information Security (NCCIS) of JSC “State Technical Service” (JSC STS)
-
-
6. CYBERSECURITY OF DIGITAL ENABLERS 6/12 50%612 50%
-
6.1. Secure electronic identification 222
Requirements
CriteriaA national electronic identification solution exists that allows for officially recognised and secure electronic identification of natural and/or legal persons.
Accepted referencesLegal act, nationally recognised identification scheme, or official website
Evidence
Electronic government of the Republic of Kazakhstan
https://www.gov.kz/memleket/entities/mdai/activities/7?lang=en
-
6.2. Electronic signature 222
Requirements
CriteriaA nationally recognised and publicly available solution exists to issue secure and legally binding electronic signatures.
Accepted referencesLegal act or official website
Evidence
Evidence presented in a foreign language
https://adilet.zan.kz/kaz/docs/Z030000370_
The Law of the Republic of Kazakhstan dated 7 January, 2003 No.370. On Electronic Document and Electronic Digital Signature
-
6.3. Trust services 002
Requirements
CriteriaTrust services (e.g. digital certificates, timestamps, private key management service) are regulated, at least for use in the public sector.
Accepted referencesLegal act or official website
Evidence
-
6.4. Supervisory authority for trust services 002
Requirements
CriteriaAn independent authority has been designated and given the power to supervise trust services and trust service providers.
Accepted referencesLegal act or official website
Evidence
-
6.5. Cybersecurity requirements for cloud services 222
Requirements
CriteriaRequirements are established for the secure use of cloud services in government and/or public sector organisations.
Accepted referencesLegal or administrative act, cybersecurity framework or standard
Evidence
https://adilet.zan.kz/eng/docs/Z1500000418
Law of the Republic of Kazakhstan dated 24 November 2015 № 418-V. On Informatization, see Article 13-4. Cloud Computing
-
6.6. Supply chain cybersecurity 002
Requirements
CriteriaRequirements are established to identify and manage cybersecurity risks through the ICT supply chain.
Accepted referencesLegal act or official website
Evidence
-
-
7. CYBER THREAT ANALYSIS AND AWARENESS RAISING 9/12 75%912 75%
-
7.1. Cyber threat analysis 333
Requirements
CriteriaA government entity has been assigned the responsibility for national-level cybersecurity and/or cyber threat assessments.
Accepted referencesLegal act, statute, or official website
Evidence
https://adilet.zan.kz/eng/docs/Z1500000418
The National Information Security Coordination Center as per the Law of the Republic of Kazakhstan dated 24 November 2015 № 418-V. On Informatization, see Article 7-4. (1) no. 1
-
7.2. Public cyber threat reports 333
Requirements
CriteriaPublic cyber threat reports and notifications are issued at least once a year.
Accepted referencesOfficial website, official social media channel, or public report
Evidence
- KZ-CERT → Incidents statistics
- KZ-CERT → Bulletins that notify users of existing vulnerabilities
- KZ-CERT → Feeds
-
7.3. Public cybersecurity awareness resources 333
Requirements
CriteriaPublic authorities provide publicly available cybersecurity advisories, tools, and resources for users, organisations, and ICT and cybersecurity professionals.
Accepted referencesOfficial website, public advisories
Evidence
- e-Government Portal → Tips and Tricks
- KZ-CERT → Advice & Guidance
- KZ-CERT → Recommendations
- KZ-CERT → FAQ section
-
7.4. Cybersecurity awareness raising coordination 003
Requirements
CriteriaThere is an entity with the clearly assigned responsibility to lead and/or coordinate national cybersecurity awareness activities.
Accepted referencesLegal act, official document, or official website
Evidence
-
-
8. PROTECTION OF PERSONAL DATA 4/4 100%44 100%
-
8.1. Personal data protection legislation 222
Requirements
CriteriaThere is a legal act for personal data protection that is applicable to the protection of data online or in digital form.
Accepted referencesLegal act
Evidence
Evidence presented in a foreign language
https://adilet.zan.kz/kaz/docs/Z1300000094
Law of the Republic of Kazakhstan No. 94-V of May 21, 2013. on Personal data and its Protection
-
8.2. Personal data protection authority 222
Requirements
CriteriaAn independent public supervisory authority has been designated and allocated powers to supervise personal data protection.
Accepted referencesLegal act or official website
Evidence
Evidence presented in a foreign language
https://adilet.zan.kz/kaz/docs/Z1300000094
Law of the Republic of Kazakhstan No. 94-V of May 21, 2013. on Personal data and its Protection, Article 27-1. Competence of the Authorized Body
Evidence presented in a foreign language
https://adilet.zan.kz/kaz/docs/G22IPM00147
Information Security Committee under the Republic of Kazakhstan’s Ministry of Digital Development, Innovation and Aerospace Industry, see “On amendments to the Order of the Acting Minister of Digital Development, Innovations and Aerospace Industry of the Republic of Kazakhstan No. 169/НН dated July 22, 2019 "On approval of the Regulations of the Republican State Institution "Information Security Committee of the Ministry of Digital Development, Innovations and Aerospace Industry of the Republic of Kazakhstan"”, link above, Article 1
"1. The Republican State Institution "Information Security Committee of the Ministry of Digital Development, Innovations and Aerospace Industry of the Republic of Kazakhstan" (hereinafter referred to as the Committee) is a department of the Ministry of Digital Development, Innovations and Aerospace Industry of the Republic of Kazakhstan (hereinafter referred to as the Ministry) that carries out regulatory, implementation and control functions in the field of informatization, personal data and their protection, (…)"
Evidence presented in a foreign language
https://www.gov.kz/memleket/entities/infsecurity/about?lang=kk
-
RESPONSIVE CYBERSECURITY INDICATORS
-
9. CYBER INCIDENT RESPONSE 11/14 79%1114 79%
-
9.1. National incident response capacity 333
Requirements
CriteriaThere is a CERT designated with nationwide responsibilities for cyber incident detection and response.
Accepted referencesLegal act or official website
Evidence
https://cert.gov.kz/about/kz_cert
National Computer Emergency Response Team (KZ-CERT) under the National Coordination Center of Information Security (NCCIS)
-
9.2. Incident reporting obligations 333
Requirements
CriteriaOperators of critical information infrastructure and/or government institutions are obliged to notify the designated competent authorities about cyber incidents.
Accepted referencesLegal act or official website
Evidence
https://adilet.zan.kz/eng/docs/Z1500000418
Law of the Republic of Kazakhstan dated 24 November 2015 № 418-V. On Informatization, see Article 54
"Article 54. Organization of protection of the objects of informatization
2. Owners or holders of the objects of informatization of "electronic government" and critically important objects of information and communication infrastructure are obliged to take measures ensuring: (...)
6) immediate informing of the National coordination center for information security about the incident of information security, except for the owners and (or) possessors of electronic information resources containing information constituting state secrets;"
-
9.3. Cyber incident reporting tool 222
Requirements
CriteriaA publicly available official resource is provided for notifying competent authorities about cyber incidents.
Accepted referencesOfficial website
Evidence
-
9.4. Single point of contact for international cooperation 003
Requirements
CriteriaThe government has designated a single point of contact for international cybersecurity cooperation.
Accepted referencesLegal act or official website
Evidence
-
9.5. Participation in international incident response cooperation 333
Requirements
CriteriaThe national cyber incident response team (CSIRT/CERT/CIRT) participates in international or regional cyber incident response formats.
Accepted referencesOfficial website or official document
Evidence
https://www.first.org/members/teams/kz-cert
FIRST
https://www.oic-cert.org/en/allmembers.html
OIC-CERT
https://www.apcert.org/about/structure/members.html
APCERT (Liaison Partner)
-
-
10. CYBER CRISIS MANAGEMENT 4/9 44%49 44%
-
10.1. Cyber crisis management plan 222
Requirements
CriteriaThe government has established a crisis management plan for large-scale cyber incidents.
Accepted referencesLegal act or official website
Evidence
https://adilet.zan.kz/eng/docs/P1800000488
National Anti-Crisis Plan for Responding to Information Security Incidents
Evidence presented in a foreign language
https://adilet.zan.kz/kaz/docs/G22IPM00147
On Amendments to the Order of the Acting Minister of Digital Development, Innovation and Aerospace Industry of the Republic of Kazakhstan dated July 22, 2019 No. 169/НК "On Approval of the Regulation of the Republican State Institution "Information Security Committee of the Ministry of Digital Development, Innovation and Aerospace Industry of the Republic of Kazakhstan", see Chapter 2, Functions (no.17)
"17) Development of a National Anti-Crisis Plan for responding to information security incidents;" -
10.2. National cyber crisis management exercises 003
Requirements
CriteriaRegular interagency cyber crisis management exercises or crisis management exercises with a cyber component are arranged at the national level at least every other year.
Accepted referencesExercise document, official website, or press release
Evidence
-
10.3. Participation in international cyber crisis exercises 222
Requirements
CriteriaThe country participates in an international cyber crisis management exercise at least every other year.
Accepted referencesExercise document/website or press release
Evidence
https://eng.cisatc.org/1289/133/161/9518
East-Antiterror – 2024
“Exercise “East-Antiterror – 2024” featured new elements including operations aimed to identify and prevent trans-border movement of terrorist-fighters, provide cyber-security of critical infrastructure facilities and countering financing of terrorism, including with use of crypto-currencies.”
-
10.4. Operational crisis reserve 002
Requirements
CriteriaA mechanism for engaging reserve support has been established to reinforce government bodies in managing cyber crises.
Accepted referencesLegal act or official website
Evidence
-
-
11. FIGHT AGAINST CYBERCRIME 11/16 69%1116 69%
-
11.1. Cybercrime offences in national law 333
Requirements
CriteriaCybercrime offences are defined in national legislation.
Accepted referencesLegal act
Evidence
Evidence presented in a foreign language
https://adilet.zan.kz/kaz/docs/K1400000226
Penal Code of the Republic of Kazakhstan, No. 226-V of July 3, 2014., see Chapter 7 (Criminal Violations in the Field of Information and Communications), Articles 205-213. See also Article 147, Article 188 (2) no. 4, Article 190 (2) no. 4, Article 195 (3) no. 3, Articles198-199, Article 312
-
11.2. Procedural law provisions 333
Requirements
CriteriaLegislation defines the powers and procedures for cybercrime investigations and proceedings and for the collection of electronic evidence.
Accepted referencesLegal act
Evidence
https://adilet.zan.kz/eng/docs/K1400000231
Criminal Procedure Code of the Republic of Kazakhstan (dated July 4, 2014 No. 231.), Articles 231, 243-245, 252-254
- The Law on Communications of the Republic of Kazakhstan dated 5 July 2004 No. 567., see Article 15
- The Law of the Republic of Kazakhstan On Operational Investigations (dated 15 September 1994), see Article 11 (3)
https://rm.coe.int/octocom-legal-profile-kazakhstan/16809ed4b5
See also Council of Europe, Kazakhstan, Cybercrime legislation, Domestic equivalent to the provisions of the Budapest Convention, 2020, Section 2 – Procedural law
-
11.3. Ratification of or accession to the Convention on Cybercrime 002
Requirements
CriteriaThe country has ratified or acceded to the Council of Europe (CoE) Convention on Cybercrime.
Accepted referencesLegal act on Convention ratification or accession, website of the CoE Treaty Office
Evidence
-
11.4. Cybercrime investigation capacity 333
Requirements
CriteriaLaw enforcement has a specialised function and capacity to prevent and investigate cybercrime offences.
Accepted referencesLegal act or official website
Evidence
Evidence presented in a foreign language
https://www.gov.kz/memleket/entities/qriim/about/structure/departments/leadership/33697/1?lang=kk
Department of Action against Cybercrime of the Ministry of Internal Affairs of the Republic of Kazakhstan
Evidence presented in a foreign language
Cybercrime Center within the Ministry of Internal Affairs
See also:
- Ministry of Internal Affairs of the Republic of Kazakhstan – Action against cybercrime
- "The digitalization experience of the Ministry of Internal Affairs of Kazakhstan has aroused interest among foreign experts", POLISIA.KZ, 2021
- "Ways to protect against cybercrime were discussed at the National Guard", POLISIA.KZ, 2023
-
11.5. Digital forensics capacity 222
Requirements
CriteriaLaw enforcement has a specialised function and capacity for digital forensics.
Accepted referencesLegal act, statute, official document, or official website
Evidence
Evidence presented in a foreign language
https://adilet.zan.kz/kaz/docs/V1700015180
Order of the Minister of Justice of the Republic of Kazakhstan dated April 27, 2017 No. 484. Registered with the Ministry of Justice of the Republic of Kazakhstan on May 26, 2017 under No. 15180 on approval of the rules for organizing and conducting forensic examinations and research in forensic examination bodies, see Paragraph 37. Forensic examination of computer technology tools (12.2)
https://forensic.gov.kz/old/expertise_type/en.html
Forensic Examinations Centre, 12.2 Forensic examination of computer technology tools
https://daryo.uz/en/2023/05/25/kazakhstan-sets-up-its-1-ever-digital-forensic-lab
-
11.6. 24/7 contact point for international cybercrime 003
Requirements
CriteriaThe government has designated an international 24/7 point of contact for assistance on cybercrime and electronic evidence.
Accepted referencesOfficial website, legal act or statute
Evidence
-
-
12. MILITARY CYBER DEFENCE 4/6 67%46 67%
-
12.1. Military cyber defence capacity 222
Requirements
CriteriaArmed forces have designated units responsible for the cybersecurity of military operations and/or for cyber operations.
Accepted referencesLegal act, statute, other official document or official website
Evidence
https://adilet.zan.kz/eng/docs/Z050000029_
The Law of the Republic of Kazakhstan dated 7 January, 2005 № 29. On Defence and Armed Forces of the Republic of Kazakhstan
Article 19. The general structure of the Armed Forces"The special troops of the Armed Forces shall include military units and subdivisions of engineering, geoinformation and hydrometeorological support, reconnaissance, radiation, chemical and biological protection, communications, electronic warfare, information warfare, military police bodies designed to carry out special tasks to ensure the combat activities of the Armed Forces."
https://www.rferl.org/a/kazakhstan-creates-new-military-branch-to-fight-cyberthreats/29212903.html
-
12.2. Military cyber doctrine 002
Requirements
CriteriaThe tasks, principles, and oversight of armed forces for military cyber operations are established by official doctrine or legislation.
Accepted referencesLegal act, official doctrine, or official website
Evidence
-
12.3. Military cyber defence exercises 222
Requirements
CriteriaArmed forces have conducted or participated in a cyber defence exercise or an exercise with a cyber defence component in the past three years.
Accepted referencesOfficial website or official document
Evidence
Evidence presented in a foreign language
https://www.gov.kz/memleket/entities/mod/press/news/details/598932
Kanzhar-2023 (more information)
-
Information Disclaimer
The information provided on the NCSI website is based on publicly available evidence materials. The appearance in the index and subsequent ranking is commensurate to the existence and public availability of such information. The NCSI links to third party websites and information. The NCSI and eGA are not responsible for the accuracy or completeness of third party website information.
What can I do to improve my country's data in NCSI?
Become a data contributor Update a specific indicator with evidence data