For four years, Ukraine has been effectively countering instruments of cyberoperations and coordinated information influence in real wartime conditions, Halyna Mykhailiuk
19 February 2026, 11:38
Deputy Chair of the Verkhovna Rada of Ukraine Committee on Law Enforcement, Halyna Mykhailiuk, joined the panel discussion within the Munich Security Conference, dedicated to the integrity of information in Europe and the role of Ukraine's experience in strengthening the EU's digital resilience.
During the discussion it was emphasised: modern threats are increasingly carried out through a combination of cyber operations and coordinated informational campaigns. Such tools are aimed not only at technical interference with the system or infrastructure, but also at shaping the impact on public thought, political process and the level of trust to government institutions.
Ukraine's experience has been shaped not by theoretical discussions, but under the constant pressure of a full-scale war. This is what led to the creation of a comprehensive response system — both in the field of cybersecurity and in the field of strategic communications.
As Halyna Mykhailiuk noted, in 2024 the Ministry of Defence of Ukraine established the Cyber Incident Response Center which works round-a-clock and does the monitoring in real time. For the last year alone, the Centre prevented around 5 000 significant incidents. The weekly workload reached about 850 cases of varying complexity — from local anomalies to critical interventions. The center also became a member of the international community FIRST (Forum of Incident Response and Security Teams), which brings together more than 700 response teams worldwide.
In spring 2025, Law No. 11290 "On Amendments to Certain Laws of Ukraine on Information Protection and Cyber Protection of State Information Resources, critical information infrastructure facilities," aimed at creating an updated national system for responding to cybersecurity incidents, cyberattacks, and cyber threats to state information resources and critical information infrastructure facilities. The State Service of Special Communications and Information Protection of Ukraine ensures the functioning of this system.
The national response system includes the national CERT-UA team, as well as sectoral and regional response teams created by state and local authorities. This approach has made it possible to build a multi-level cyber defence model with a clear division of powers and coordination of actions.
The practical results are demonstrated, in particular, by the activities of CERT-UA: in 2025, the team handled 5,927 cyber incidents — 37.4% more than a year earlier. The increase in the number of incidents indicates the systemic nature of cyber pressure, while confirming the state's ability to ensure continuous response and minimise the consequences of attacks.
An important continuation of national efforts is the combination of Ukraine's unique experience, formed in the real conditions of full-scale war, with the expertise of international partners and NATO approaches to the standardisation of strategic communications.
In 2026, the Centre for Strategic Communications and Information Security, together with the NATO Strategic Communications Centre of Excellence (NATO StratCom COE), presented an analytical report proving the russian federation's involvement in information operations against Ukraine. The Ukrainian side provided real cases and operational experience in countering information attacks, while NATO provided a systematic approach to collecting, structuring and evaluating evidence in accordance with international standards. This synthesis of practice and standardisation allows us to move from recording information influences to their substantiated attribution and the formation of a joint response to modern digital challenges.