The Ukrainian Defense Ministry is strengthening data protection rules in subordinate systems: Order No. 692/nm of October 15 approved the Sectoral Security Profile — uniform minimum requirements for cyber protection for the IT infrastructure of the ministry, the Armed Forces of Ukraine, and the State Special Service for Transport.
The Ukrainian Defense Ministry is strengthening data protection rules in subordinate systems: Order No. 692/nm of October 15 approved the Sectoral Security Profile — uniform minimum requirements for cyber protection for the IT infrastructure of the ministry, the Armed Forces of Ukraine, and the State Special Service for Transport.
According to the Ministry of Defense, the document establishes a unified approach to working with open, confidential, and official information and is based on international standards and national legislation, taking into account the specifics of the defense sector.
The profile defines requirements for access control, data protection during storage and transmission, monitoring of security events, incident response, and also contains recommendations for administrative and technical measures. Separately, training of personnel of all structures that will implement the rules is provided, as well as procedures for assessing the compliance of systems with the specified criteria. The Ministry of Defense emphasizes that uniform rules allow for faster creation and launch of new services, increasing their reliability and security.
The document applies to information systems of the ministry, the Armed Forces of Ukraine and the State Special Transport Service, which process open, confidential or official information. The only exceptions are automated systems of class «1». According to Deputy Minister for Digital Development Oksana Ferchuk, the unification of requirements minimizes gaps between units and simplifies the scaling of digital solutions in the department.
The profile was developed in accordance with the Cabinet of Ministers' Resolution No. 712 of June 18, 2025. Further, specific implementation plans and checkpoints for inspections should appear at the unit level, and the audit results will become the basis for modernization of protection.
The war has dramatically increased the load on defense IT systems and the number of attacks on them. A single security profile is a transition from «patching» individual nodes to a standardized mature model: clear access roles, logging, network segmentation, «default» encryption, and regular penetration tests. For contractors, this is also a signal: integration with the Ministry of Defense is possible only if unified requirements are met and they are ready to confirm them with an audit.
Previously, dev.ua wrote about how the Cabinet of Ministers adopted a resolution that allows the transfer of developments tested in the Ministry of Defense system to factories. The idea is simple: if the technology worked in war, it can be quickly given to several manufacturers and supplied to the troops in series.
