1. General provisions
1.1. The Electronic Security Center under the Ministry of Communications and Information Technologies of the Republic of Azerbaijan (hereinafter - the Center) was established in accordance with Part 5 of the Decree of the President of the Republic of Azerbaijan No. 708 dated September 26, 2012. It is a coordinating body that provides information on threats at the national level, educates the population, private and other institutions (hereinafter - users) in the field of cyber security and provides them with methodological assistance.
1.2. The Center operates in accordance with the Constitution of the Republic of Azerbaijan, laws of the Republic of Azerbaijan, decrees and orders of the President of the Republic of Azerbaijan, decisions and orders of the Cabinet of Ministers of the Republic of Azerbaijan, international agreements to which the Republic of Azerbaijan is a party. normative legal acts adopted by and in accordance with this Regulation.
1.3. In performing its duties and exercising its rights, the Center interacts with the Ministry and its subordinate bodies, central and local executive authorities, local self-government bodies, non-governmental organizations, international organizations, as well as legal entities and individuals specializing in information security. .
1.4. The Center has an independent balance sheet, state property, treasury and bank accounts at its disposal, an image of the State Emblem of the Republic of Azerbaijan, a stamp engraved with its name, relevant stamps and letterheads.
1.5. The maintenance costs and activities of the Center are financed from the state budget of the Republic of Azerbaijan and other sources provided by law.
1.6. The center is located in Baku.
2. Areas of activity of the center
2.1. The activities of the center are as follows:
2.1.1. coordinates the activities of information infrastructure entities in the field of cyber security;
2.1.2. from users, software and hardware manufacturers, similar structures in foreign countries about cyber attacks, illegal intrusions, malware (hereinafter - electronic threats) against the security of information systems and networks, computer equipment and their software, local and corporate information systems and resources and collects and analyzes information received from other sources;
2.1.3. Provides information on existing and potential electronic threats at the national level, ensures awareness of users in the field of cyber security;
2.1.4. prepares instructions on the prevention of electronic threats, as well as programs and technical means that can be used against users, gives them recommendations, provides methodological support;
2.1.5. implements preventive measures agreed with the Ministry in cooperation with the national internet operator in order to prevent global cyber attacks on general internet traffic;
2.1.6. Interacts with other relevant agencies in the country to provide cyber security training.
3. Duties of the Center
3.1. The Center performs the following tasks in accordance with the activities defined by this Regulation:
3.1.1. to regularly analyze the general cyber security situation in the country;
3.1.2. to coordinate the activities of the information infrastructure entities operating in the country in the field of cyber security;
3.1.3. to collect and analyze incoming information from users, manufacturers of software and hardware, computer incident control centers of local and foreign countries, foreign and other sources on electronic threats and software and technical means used to prevent them;
3.1.4. to investigate and take appropriate measures to identify incoming illegal television and radio broadcasts in the country, as well as signals that impede the operation of existing television and radio broadcasts and satellite systems;
3.1.5. to provide information on electronic threats at the national level on the basis of studying and analyzing international experience in the field of cyber security, to prepare recommendations on the selection and application of effective programs and technical means to prevent illegal intrusion into information systems;
3.1.6. to provide users with education in the field of cyber security and provide them with methodological assistance;
3.1.7. to take preventive measures agreed with the Ministry and report to the national internet operator in order to prevent global cyber attacks on general internet traffic;
3.1.8. to collect and store information about users in order to prevent electronic threats, identify the sources of cyber attacks and take appropriate measures;
3.1.9. to ensure the protection of information obtained during the elimination of electronic threats in accordance with the law;
3.1.10. to analyze the software and hardware widely used by users in the country from the point of view of security, to make recommendations on elimination of weaknesses found in them;
3.1.11. to analyze technological innovations applied to protect against possible electronic threats, emerging electronic threats and methods and means of their implementation;
3.1.12. to audit these systems together with the relevant structural units of the Ministry of National Security of the Republic of Azerbaijan and the Special State Protection Service of the Republic of Azerbaijan on the basis of appeals made by the owners of information systems and networks for the purpose of detection and prevention of electronic threats;
3.1.13. disseminate information on methods and tools useful for cyber security, as well as open source programs;
3.1.14. to cooperate with manufacturers of software and hardware in the field of cyber security, similar structures in other countries and international organizations;
3.1.15. to create its own official Internet information resource and through it to raise awareness and information about the activities of the Center, as well as in the field of cyber security;
3.1.16. to prepare information on electronic threats, as well as bulletins, instructions and recommendations on software and hardware used to prevent them, as well as to prepare annual statistical reports on cybersecurity and publish them in the official Internet information resource;
3.1.17. to organize operative reception of information on electronic threats and take appropriate measures;
3.1.18. to conduct trainings and seminars to improve the level of training of specialists in the field of cyber security by involving local and foreign experts;
3.1.19. to identify and prevent threats in the field of cyber security, as well as to inform the relevant government agencies about violations of the law;
3.1.20. to make proposals to the Ministry in order to increase the level of cyber security in the country;
3.1.21. To consider applications and complaints received in connection with the activities of the Center and to take measures in accordance with the law.
4. Rights of the Center
4.1. The Center has the following rights:
4.1.1. to apply for information systems and networks, computer equipment and electronic threats against or may be directed against their software;
4.1.2. to request information on state and local self-government bodies, individuals and legal entities, as well as operators and Internet providers on cyber security;
4.1.3. to receive operative information on electronic threats and their consequences from computer incident control centers operating in the country;
4.1.4. to submit proposals to the Ministry for the prevention of electronic threats in information systems and networks, technical equipment whose activities may harm the overall cyber security environment of the country;
4.1.5. to involve scientific research and educational institutions, companies, independent experts and specialists, to establish working groups and commissions for research, solution of issues related to the areas of activity, as well as for the provision of consulting services in accordance with the law;
4.1.6. to establish business relations with relevant international organizations and relevant organizations of foreign countries for the study and application of international experience in the field of activity.
5. Organization of the Center's activity
5.1. The number of employees of the Center is determined by the Cabinet of Ministers of the Republic of Azerbaijan. The structure and staffing of the center are approved by the Ministry.
5.2. The center is headed by a director. The director of the center and his deputy are appointed and dismissed by the Minister of Communications and Information Technologies of the Republic of Azerbaijan.
5.3. Director of the Center:
5.3.1. Organizes and directs the activities of the Center;
5.3.2. Submits to the Ministry for approval the current (annual) and future work plans of the Center and reports on their implementation;
5.3.3. prepares and submits to the Ministry for approval the structure of the established remuneration fund and the structure of the Center, the staff list and the allocated budget allocation, as well as the cost estimates for the funds received from other sources within the limits of the number of employees;
5.3.4. Ensures the efficient use of budget funds, loans, grants and other financial resources allocated for the purpose of organizing the activities of the Center;
5.3.5. Appoints and dismisses employees of the Center in accordance with the legislation of the Republic of Azerbaijan;
5.3.6. Implements incentive and disciplinary measures in accordance with the law on the employees of the Center;
5.3.7. issues binding orders and directives;
5.3.8. Represents the Center without a power of attorney in relations with state and local self-government bodies, legal entities and individuals;
5.3.9. ensure the implementation of the rights and responsibilities set out in this Regulation
5.3.10. The Center maintains the accounting of the results of its activities in accordance with the existing legislation, submits accounting and statistical reports to the Ministry and public financial bodies.
President of the Republic of Azerbaijan
By the Decree dated March 5, 2013
20:10, 05 March 2013
http://www.president.az/articles/7982 about state secrets
http://www.president.az/articles/7550 Non-governmental organizations