Bulgaria adopted its national Cyber Security Strategy, National Cyber Security Strategy Cyber Resilient Bulgaria 2020, in July 2016: http://www.cyberbg.eu/doc/20161024_Cyber_strat_proekt.pdf (Bulgarian).
The strategy sets out 9 goals for its implementation:
OB 1 - Establishment and development of the national system for cyber security and resilience
OB 2 - Network and Information Security - the foundation of cyber resilience
OB 3 - Protection and sustainability of digitally dependent critical infrastructures
OB 4 - Improving the interaction and information sharing between state, business and society
OB 5 - Development and improvement of the regulatory framework
OB 6 - Stepping up the fight against cyber crime
OB 7 - Cyber defense and protection of national security
OB 8 - Raise awareness, knowledge and competencies and develop a stimulating environment for research and innovation in the field of cyber security
OB 9 - International interaction - cyber diplomacy and Interoperability
A specific roadmap setting up the deadline for implementing the measures has not been released yet.
The strategy also sets up a Cyber Resilience Council which will monitor trends and developments in cyber threats, risks, methods of counteracting and making proposals to the national security council.
The new council will prepare regular reports to the national security council and the Cabinet on the state of security in cyberspace, on the development of risks and a summary assessment of the level of maturity and cyber stability achieved.
NATIONAL CYBER SECURITY STRATEGY - NIS Capacities
|Year of adoption||National Cyber Security Strategy Cyber Resilient Bulgaria 2020 (Bulgarian language), July 2016|
|Updates and revisions||N/A|
|Implementation and monitoring||
Monitoring of the plan, objectives achieved will be implemented by the Cyber Resilience Council which will also be responsible for the future updates of the strategy.
The Cyber Resilience Council is chaired by the Minister of Interior and Minister of Defense and includes representatives of the Ministry of Transport, Information Technology and Communications, Ministry of Justice, Ministry of Finance, Ministry of Economy, Ministry of Energy, as well as representatives of business, academia and non-governmental organisations.
|Operational capacity building||CERT Bulgaria (English), https://govcert.bg/en/welcome, is the National Computer Security Incidents Response Team. Its mission is to provide information and assistance to its constituencies in implementing proactive measures to reduce the risks of computer security incidents as well as responding to such incidents when they occur.|
Business and public private partnerships
The national strategy aims at developing dedicated programs to improve the competitiveness of SMEs and micro entreprises and to raise awareness on cyber culture. This objective will be reached through the organisation of business networks or clusters to share information and best practices.
|Date of last WISER analysis||
Compliance with the GDPR and NIS Directive: Report a cyber incident
|Report a cyber incident to national CERT/CSIRT||
Team Email: cert@govCERT.bg
Telephone: +359 2 949 22 12 , +359 878 908 546
Results and built capacity will be validated periodically with sectoral and national training and exercises, simulation exercises and increasing participation in international exercises.
In October 2016 Bulgaria signed a new Memorandum of Understanding on cyber defence cooperation with NATO. This will enable enhanced information exchange, including on cyber threats and best practices.
|Guidance and Updates||
CERT Bulgaria (English), https://govcert.bg/en/welcome, provides regular news beats, alerts (e.g. new viruses), information on vulnerabilities and advice on tackling cyber threats in Bulgarian and English.
Examples of alerts include: Security updates from Cisco and McAfee (July 2017), https://govcert.bg/alerts.
|Languages||Bulgarian and English|
|Date of last WISER analysis||July 2017|