Bulgaria adopted its national Cyber Security Strategy, National Cyber Security Strategy Cyber Resilient Bulgaria 2020, in July 2016: http://www.cyberbg.eu/doc/20161024_Cyber_strat_proekt.pdf (Bulgarian).
The strategy sets out 9 objectives:
Obj 1 - Establish and develop the national system for cyber security and resilience
Obj 2 - Ensure Network and Information Security as the foundation of cyber resilience
Obj 3 - Support protection and sustainability of digitally dependent critical infrastructures
Obj 4 - Improve the interaction and information sharing between state, business and society
Obj 5 - Develop and improve the regulatory framework
Obj 6 - Step up the fight against cyber crime
Obj 7 - Lead cyber defense and protection of national security
Obj 8 - Raise awareness, knowledge and competencies and develop a stimulating environment for research and innovation in the field of cyber security
OB 9 - International interaction - cyber diplomacy and Interoperability
A specific roadmap setting up the deadline for implementing the measures has not yet been released.
The strategy also sets up a Cyber Resilience Council which will monitor trends and developments in cyber threats, risks, methods of counteracting and making proposals to the national security council.
The new council will prepare regular reports to the national security council and the Cabinet on the state of security in cyberspace, on the development of risks and a summary assessment of the level of maturity and cyber stability achieved.
National Cyber Security Strategy
|Year of adoption||National Cyber Security Strategy Cyber Resilient Bulgaria 2020 (Bulgarian), July 2016|
|Updates and revisions||N/A|
|Operational capacity building||CERT Bulgaria (English), https://govcert.bg/en/welcome, is the National Computer Security Incidents Response Team. Its mission is to provide information and assistance to its constituencies in implementing proactive measures to reduce the risks of computer security incidents as well as responding to such incidents when they occur.|
Business and public private partnerships
The national strategy aims at developing dedicated programs to improve the competitiveness of SMEs and micro entreprises and to raise awareness on cyber culture. This objective will be reached through the organisation of business networks or clusters to share information and best practices.
|Implementation & Monitoring||
Monitoring of the plan, objectives achieved will be implemented by the Cyber Resilience Council which will also be responsible for the future updates of the strategy.
The Cyber Resilience Council is chaired by the Minister of Interior and Minister of Defense and includes representatives of the Ministry of Transport, Information Technology and Communications, Ministry of Justice, Ministry of Finance, Ministry of Economy, Ministry of Energy, as well as representatives of business, academia and non-governmental organisations.
Results and built capacity will be validated periodically with sectoral and national training and exercises, simulation exercises and increasing participation in international exercises.
In October 2016 Bulgaria signed a new Memorandum of Understanding on cyber defence cooperation with NATO. This will enable enhanced information exchange, including on cyber threats and best practices.
|Overall assessment||Applaudable in setting out goals to improve the competitiveness of SMEs and micro entreprises and to raise awareness on cyber culture.|
|Date of last WISER analysis||
Compliance with the GDPR and NIS Directive: Report a cyber incident
|Report a cyber incident to national CERT/CSIRT||
Team Email: cert@govCERT.bg
Telephone: +359 2 949 22 12 , +359 878 908 546
|Guidance and Updates||
CERT Bulgaria (English), https://govcert.bg/en/welcome, provides regular news beats, alerts (e.g. new viruses), information on vulnerabilities and advice on tackling cyber threats in Bulgarian and English.
Examples of alerts include: Security updates from Cisco and McAfee (July 2017), https://govcert.bg/alerts.
|Languages||Bulgarian and English|
|Date of last WISER analysis||August 2017|