Ukraine—US Cybersecurity Activity in Ukraine

The Cybersecurity for Critical Infrastructure in Ukraine Activity strengthens the resilience of Ukraine’s critical infrastructure against cyberattacks from Russian and other sources by fostering collaboration between government, private sector, academia, and civil society. The Activity unites global and local expertise in diverse cybersecurity domains to improve Ukraine’s cyber preparedness and build resilience in the oil and gas, electricity, transport sectors, and critical infrastructure.

The Activity works with more than 160 government institutions, think tanks, universities, nongovernmental groups, and industry associations while engaging prominent U.S. and international companies to deliver cutting-edge cybersecurity solutions. Its priorities are to strengthen organizational and technical capacity in key institutions, ensure the next generation of cybersecurity professionals is well prepared, and lay the foundation for improved preparedness based on a sound legal framework, effective communication between stakeholders, and active engagement with the private sector.

Since Russia’s full-scale invasion, the Activity team has coordinated its work with a wide range of Ukrainian stakeholders. This ongoing dialogue helps identify and prioritize changing cybersecurity needs, shaped by the war’s impact on the Ukrainian operating environment. Despite the challenges of war, Ukraine continues to progress in cybersecurity resilience. U.S. contributions to these efforts have been instrumental to their success, and the Activity plays a key role in responding to the dynamic cybersecurity requirements of Ukraine’s critical infrastructure community.

Sample Activities

• Align Ukraine’s legal and regulatory frameworks with international standards, including those established by the U.S. National Institute of Standards and Technology (NIST) and the European Union Agency for Cybersecurity.
• Fortify national preparedness, enhance coordination among cybersecurity stakeholders, and leverage cutting-edge technology solutions.
• Address workforce gaps by enhancing educational programs, nurturing new talent, and promoting the National Cybersecurity Workforce Framework in line with NIST standards.
• Foster trust and collaboration between public and private sectors to stimulate investment and growth in the cybersecurity industry.
• Broaden access to innovative solutions and create opportunities for Ukrainian cybersecurity service providers.
• Educate Ukrainians with cybersecurity knowledge and best practices.

Select Results

• Supported 21 laws, policies, regulations, or standards to enhance critical infrastructure cybersecurity governance.
• Conducted cyber diagnostics in 71 entities, state bodies, and organizations across various sectors using a methodology inspired by the NIST Cybersecurity Framework.
• Secured 42 state registries and seven information systems, providing millions of Ukrainians with stable and secure access to vital services.
• With Ukrenergo, Ukraine’s state-owned electricity transmission system operator, established the modern industrial-grade security operations center, a first-of-its-kind industrial cybersecurity center in the energy infrastructure.
• Developed and launched the CyberTracker, a web-based monitoring tool for the National Security and Defense Council, to facilitate monitoring of the Cybersecurity Strategy Implementation Plan.
• Launched a higher educational institutions (HEIs) program to help 11 universities develop and update 14 cybersecurity educational programs aligned with the country’s new cybersecurity professional standards.
• Addressed the urgent equipment and software needs of 25 HEIs displaced or damaged by Russia’s invasion of Ukraine and procured IT, professional licenses, and IT security instructional tools for universities.
• Supported the development of the 20 cybersecurity professional standards established by the 2022 Ukrainian National Cybersecurity Workforce Framework.
• Established Cybersecurity Educational Labs in four regional universities and hosted career webinars for more than 1,800 students.
• Created two Industrial Control Systems (ICS) Laboratories to train critical infrastructure operators in modern ICS/SCADA protection techniques.
• Through the Innovative Cybersecurity Solutions Grant Program, supported the development of six innovations. Two of them were already deployed by Ukrainian companies, fostering the growth of the local cybersecurity market and encouraging investment in new technologies.
• Conducted a national cyber awareness campaign to educate Ukrainians on core principles of safe work in cyberspace, engaging more than 10 million Ukrainians.