Baku: Fines are being introduced for violations of the requirements of normative legal acts in the field of ensuring cybersecurity, APA reports. This legislative change is encapsulated in the proposed new Article 371-2 of the Code of Administrative Offenses, which was deliberated upon during today's session of the Milli Majlis.
According to Azeri-Press News Agency, the draft law outlines several scenarios that could lead to financial penalties. Specifically, computer incident response centers, security operations centers, and various information infrastructure entities, including internet providers and hosting providers, could face fines for failing to adhere to cybersecurity measures. These measures include compliance with instructions from designated executive authority bodies, immediate reporting of cyber threats, and conducting real-time monitoring of incidents. Moreover, entities are required to respond promptly to inquiries related to cybersecurity research and digital investigations.
Non-compliance with these requirements will result in fines ranging from 500 to 1,000 manats for officials and from 1,000 to 2,000 manats for legal entities. Furthermore, operating as a computer incident response center or a security operations center without proper registration will incur fines ranging from 1,000 to 1,500 manats for officials and from 1,500 to 2,500 manats for legal entities.
Exemptions to these provisions include critical information infrastructure, state bodies, and specific financial and strategic entities such as the Central Bank of Azerbaijan, intelligence entities, and protected facilities. The draft law successfully passed the first reading in the legislative body.