Mintsifry introduced new OKVED for activities in the field of cybersecurity

The Ministry of Digital Development has allocated specialized All-Russian Classifiers of Economic Activities (OKVED) for companies in the field of cybersecurity. They are necessary for obtaining benefits, but they can also help regulators with the analysis of the segment, experts believe.

The Ministry of Digital Transformation has introduced new OKVED for activities in the field of cybersecurity. The portal “ConsultantPlus” contains information about the registration of OKVED “Services for monitoring the security of confidential information from leakage through technical channels …”, “Services (work) for encrypting information that does not contain information constituting a state secret …”, “Production of means for protecting confidential information ”, etc. In total, the Ministry of Digital Transformation introduced 16 classifiers and corrected six. OKVED have been operating since May.

The ministry initially announced plans to allocate new OKVED for companies in the field of information security in 2022 in order to “apply support measures to them under sanctions.” Now the Ministry of Digital Transformation has clarified to Kommersant that are preparing changes to the regulation on state accreditation so that companies with supplemented OKVED can apply for benefits.

The development and support of information security is also enshrined in the strategy for the development of the communications industry until 2035 (see Kommersant of May 19). In particular, it is planned to create a secure and isolated network for managing the state and critical information infrastructure facilities, launch a national system for countering DDOS attacks, and create industry-specific centers for responding to computer incidents.

Previously, cybersecurity companies used suitable IT codes, mainly related to computer technology, notes Vladimir Ulyanov, head of the Zecurion analytical center, for example OKVED 62, which were held for development companies, integrators and consultants. The expert believes that the change of OKVED codes by companies or the addition of new ones will be gradual and may accelerate as additional benefits or requirements appear.

Profile OKVED is needed to indicate the specifics of the work of certain organizations or the entire industry, to establish licensing and other requirements, obligations or rights, Vadim Tkachenko, founder and CEO of the vvCube consulting group, explains. For the Ministry of Tsifra, the codes will simplify the mechanics of regulation, believes the lawyer of the ICA “Klishin and Partners” Alexander Malakhov, allowing, for example, to introduce or cancel requirements, benefits and the like at once for a group of organizations.

The licensing regulations contain a more detailed set of activities in the field of information security: this includes the production of security tools, information security monitoring, the provision of data encryption services, etc., these activities are indicated in the FSTEC and FSB licenses that companies are required to obtain, specifies the director of methodology and standardization of Positive Technologies Dmitry Kuznetsov. “Changes made to OKVED synchronize the classifier with cybersecurity licensing regulations adopted more than a decade ago,” he says.

Alexander Malakhov adds that the new OKVED, among other things, will help the Ministry of Digital Transformation to more adequately assess the movement of funds in the cybersecurity segment, since without highly specialized classifiers it is difficult to separate them from the IT industry as a whole, “now this information can be collected through the Federal Tax Service, where companies transfer turnover data.

Tatyana Isakova