This is reflected in a draft law on amendments to the Code of Administrative Offenses, discussed at today's session of the Milli Majlis.

According to the draft, for failure to take measures to ensure cybersecurity of information infrastructure by computer incident response centers, security operations centers, as well as information infrastructure entities, including owners of internet information resources, internet providers, and hosting providers, specifically for:

For carrying out activities as a computer incident response center and security operations center without being entered into the relevant register of computer incident response centers and security operations centers, officials will be fined from 1,000 to 1,500 manats, legal entities from 1,500 to 2,500 manats.

The above provisions will not apply to critical information infrastructure, state bodies (institutions), including the Central Bank, intelligence and counterintelligence entities, entities whose activities in financial markets are regulated (banks, insurers, reinsurers, licensed securities market participants, joint-stock investment funds and investment fund managers, payment service providers, etc.), as well as to the information infrastructure of protected persons, protected and strategic facilities, and to computer incident response centers and security operations centers established by the body (institution) determined by the relevant executive authority and the Central Bank.

If adopted, the law will enter into force on July 1, 2027.

The draft law was put to a vote after discussions and adopted in the first reading.