New cyber defence doctrine approved by Russian government

News by Eugene Gerden

Russian Presidential Decree No.646 sets out a new doctrine of information security for Russia, the recognises the threat from foreign governments and safeguards privacy, writes our Russian correspondent Eugene Gerden.

Russian President Vladimir Putin has approved a new doctrine of IT security, according to press service of the Kremlin.

In the heart of Presidential Decree No.646, “The Doctrine of the Information Security of the Russian Federation”, is updating the existing approaches for the protection of Russian national interests in the information sphere, taking into account today's realities.

It follows the adoption of a cyber-security strategy, by presidential decree, in late 2014.

The new doctrine, approved last month, replaces the previous doctrine adopted in September 2000. It has been released at a time when controversy is raging over alleged hacking of organisations and the government in the US, purportedly under the direction of the Russian government.

The Presidential Decree, issued by President Putin, identifies cyber-security, privacy and information security as vital to the national interests of Russia and is intended to form the basis of further developments in public policy and public relations as well as improving systems for the protection of information security.

The national interests are enumerated in the Presidential Decree:

  1. the promotion and protection of the constitutional rights and freedoms of man and citizens in respect of information privacy
  2. supporting democratic institutions, the state and mechanisms of interaction of civil society
  3. preservation of cultural, historical, spiritual and moral values of the Russian multinational people
  4. ensuring sustainable and uninterrupted functioning of the critical national information infrastructure in peacetime and wartime and in response to foreign acts of aggression
  5. development of the Russian Federation in the field of information technology
  6. promotion nationally and internationally of the Russian government's policies around cyber-security and defence
  7. promote international cyber-security

Critically for the Russian government, the doctrine addresses the perceived threat from foreign countries seeking to influence Russia's information infrastructure for military purposes.

However, the doctrine also emphasises the principles of the protection of rights and freedoms of citizens, as well as privacy. It emphasises the need for sustainable and uninterrupted functioning of the Russian information infrastructure, and especially its crucial objects, such as the unified telecommunication network both during peacetime as well as during the times of direct threat and aggression.

Russian analysts in the field of cyber-security have welcomed the new strategy. Vladislav Vorotnikov, a well-known Russian lawyer specialising in cyber-crime issues, told SC Media UK that the adopted doctrine will help to strengthen the fight against cyber-crime in Russia.

Vorotnikov said, “The main advantage of the new doctrine is its clear specification, compared to its previous analogue. The old doctrine of information security was approved as far back as in 2000 and has already became out-of-date, although it still contains a lot of aspects that are relevant to the present day.

“Overall, the new doctrine is fully compliant with the current trend of modern hybrid wars, when impact is currently observed not only on physical but also on the economical, political and information levels.

“The state must respond to changes in the environment and, of course, to strengthen control over the Russian segment of the internet, as the latter is used as a platform for information warfare, which, de facto, is already underway.”

Ivan Rodionov, head of Kyberzachita, one of Russia's leading IT security laboratories, agreed with this analysis.

“The new  document has been significantly redesigned, and now it is more specific, targeted and powerful,” said Rodionov. “It contains three global strategic objectives, and in particular insufficient development of the domestic IT technologies and associated with this strong dependence on foreign products and developments.  In addition, it pays more attention [to protecting] the constitutional rights of citizens in the digital space, focusing on countering the ‘brainwashing' by terrorist organisations and unfriendly propaganda.”

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews