TITLE: Ukraine's State Service of Special Communications and Information Protection Establishes Cybersecurity Framework for Artificial Intelligence Systems
BODY:
On 23 February 2026, the State Service of Special Communications and Information Protection of Ukraine (SSSCIP) approved comprehensive recommendations for the cybersecurity of information and communication systems (ICS) employing artificial intelligence (AI) technologies through Order No. 154. The recommendations implement the Government's roadmap for the 2025–2026 Artificial Intelligence Development Concept and serve as a practical guide for owners and operators of both public and private information, electronic communication, and technological systems.
While the recommendations are voluntary, they are designed to assist organisations in developing cyber defence plans and risk assessments during AI technology deployment. SSSCIP has identified key threat vectors specific to AI systems, including AI supply chain attacks, data and model poisoning, adversarial attacks, prompt injection, and AI model inversion and theft. To counter these threats, the framework outlines cybersecurity measures including adversarial training, federated learning, differential privacy, and rigorous input filtering. The recommendations emphasise integrating AI risk management into organisations' overarching cybersecurity frameworks, aligned with leading international standards such as ISO/IEC 23894:2023, ISO/IEC 42001:2023, and specific National Institute of Standards and Technology (NIST) frameworks.
The guidelines enable Ukrainian institutions and organisations to integrate AI technologies safely while mitigating specific vulnerabilities and protecting critical data against emerging cyber-attack vectors. The framework applies to all sectors operating critical information systems in Ukraine, including government agencies, private enterprises, and essential service providers.