Contact Us

Azerbaijan: Establishes National Cybersecurity Agency

Home / Country Update / Azerbaijan: Establishes National Cybersecurity Agency

President Ilham Aliyev of the Republic of Azerbaijan has signed a pivotal Decree aimed at significantly improving governance in the fields of cybersecurity and personal data protection. This legislative action leads to the establishment of the National Cybersecurity Agency (NCA), a public legal entity operating under the Ministry of Digital Development and Transport. The NCA is formed by transforming the Electronic Security Service of the Ministry, marking a strategic evolution in the nation’s digital defense capabilities .

Azerbaijan on world map

Mandate and Scope of the National Cybersecurity Agency

The newly formed NCA is endowed with broad responsibilities, positioning it as the central authority for cybersecurity regulation and oversight in Azerbaijan. Its core functions are designed to create a more resilient and secure digital environment for both public and private sectors  

Key responsibilities of the NCA include:

  • Regulation and Oversight: Establishing and enforcing cybersecurity regulations across the country, with a specific focus on critical information infrastructures and state-owned information systems. This includes coordinating activities of information infrastructure subjects.
  • Threat Detection and Prevention: Proactively identifying, investigating, and preventing cyber threats targeting information infrastructures. This involves taking preventive measures against actions aimed at compromising cybersecurity.
  • Prohibited Content Management: Implementing measures against the dissemination of prohibited content on online information resources.
  • Personal Data Protection: Ensuring the robust protection of personal data, a critical aspect of modern digital governance.
  • Awareness and Support: Conducting extensive public awareness campaigns and providing methodological support to both the general populace and various organizations on cybersecurity best practices.
  • National Computer Incident Response Center (NCIRC) Functions: Organizing the activities of the national computer incident response center, collecting and analyzing information on cyber threats and incidents, and coordinating with sectoral computer incident response centers to establish unified notification mechanisms.
  • International Cooperation: Collaborating with relevant entities both domestically and internationally to enhance cybersecurity preparedness and share best practices

Legal Succession and Organizational Structure

The Decree explicitly states that the National Cybersecurity Agency is the legal successor to the Electronic Security Service. This means that all rights, obligations, and assets previously held by the Electronic Security Service are now transferred to the NCA, ensuring a seamless transition of authority and operations.
 
The Agency’s governance structure is designed for effective leadership and oversight. It will be managed by a Management Board comprising a Chairperson and three Deputy Chairpersons. This structure is intended to provide strategic direction and ensure accountability in the Agency’s multifaceted operations.

Regulatory Amendments and Operational Framework

To facilitate the establishment and operation of the NCA, the Presidential Decree also introduces necessary amendments to several existing regulatory legal acts. These amendments align previous provisions related to the Electronic Security Service with the new Agency, ensuring legal consistency and clarity.
 
Furthermore, the Decree officially approves the Charter of the National Cybersecurity Agency. This Charter serves as the foundational document outlining the Agency’s operational framework, detailed functions, rights, and duties, thereby solidifying its role and authority within Azerbaijan’s regulatory landscape.

For this article’s source information and any product certification guidance, please contact Global Validity. 

Quick Country Facts

Azerbaijan

Certification Body: Ministry of Communication and Information Technology

Certification Type: Mandatory

License Validity: 12 Months

Application Language: English

Legal License Holder: Local Representative

In-Country Testing Requirement: Testing Not Required

The regulatory information above is based on radio type approval certification. Access additional certification requirements in over 200 countries and territories with Global Validity’s free proprietary product certification management software, Access Manager. Learn more about the platform here or fill our quick contact form! 

Global Validity is your partner for global certification success

Want to learn more about regulatory compliance and how we can help? Simply fill out the form below and we’ll be in touch!