ASTANA – Kazakhstan leads Central Asia in cybersecurity with a relatively advanced institutional and legal framework, according to the Central Asia Cybersecurity Baseline Study: Executive Summary, published on July 8.
Photo credit: freepik
The study, prepared by the e-Governance Academy (eGA), with support from the European Union and in partnership with Expertise France, is the result of six months of field research, interviews, and policy analysis. It provides a comprehensive overview of cybersecurity capabilities and challenges across Kazakhstan, the Kyrgyz Republic, Tajikistan, and Uzbekistan.
“This study provides valuable insights into how national strategies, laws, and institutions are shaping the region’s cybersecurity posture and where the most urgent support is needed,” said Merle Maigre, lead editor, in a report summary.
“By grounding our recommendations in local realities, the project aims to support Central Asian countries in building resilient, inclusive, and secure digital futures,” she added.
Kazakhstan has been recognized for its comprehensive cybersecurity strategy, which includes the Cyber Shield and Digital Transformation programs, as well as the development of critical infrastructure, a clear institutional model, a mature Computer Emergency Response Team (CERT) and Security Operations Center (SOC) network, and active international cooperation.
“Kazakhstan leads with the most solid strategic framework, anchored in its CyberShield strategies (2017, 2022) and the 2023 Concept for Digital Transformation, ICT Development, and Cybersecurity. Kyrgyzstan and Uzbekistan embed cybersecurity within digitalization strategies; however, both are still updating legal frameworks and institutional structures,” reads the report.
The report also notes Kazakhstan’s efforts to improve cybersecurity through infrastructure expansion and IT upskilling initiatives. A new high-priority area appears to be AI, with a dedicated strategy being adopted in 2024.
Additionally, the report includes detailed findings and tailored, actionable recommendations on governance, critical infrastructure protection, cybersecurity education, and public awareness. Across the region, shared challenges include institutional fragmentation, limited incident response capacities, and gaps in public awareness and education.
“It [Kazakhstan] has made strong advances, with steady progress across global digital development and cybersecurity indices. Still, while digitalization is perceived as a political priority, cybersecurity investment trails behind, reflecting a familiar usability-security trade-off,” reads the report.
