According to the new bill submitted by the government to the State Duma on July 7, all state information systems (GIS) will have to connect to GosSOPKA (State System for Detection, Prevention and Elimination of Consequences of Computer Attacks) and promptly notify the FSB of any cyber incidents. This applies to federal, regional, municipal and departmental IT systems.
The bill obliges government agencies not only to record incidents, but also to transmit the results of internal investigations to the FSB. However, experts note that departments will need time to adapt: it is necessary to develop uniform reporting formats and establish automated data exchange.
Earlier, in March 2025, the FSB approved new requirements for data encryption in state information systems (order No. 117). Now, SKZI (cryptographic information protection tools) should be used not only in GIS, but also in IT systems of state enterprises and institutions. The only exceptions are the systems of the highest authorities and systems containing state secrets.
On July 16, the IT Committee of the State Duma should prepare a review of the bill. The Ministry of Digital Development clarified that the FSB will determine the details of interaction with GosSOPKA.