Abstract:
Critical Information Infrastructures are an integral component of contemporary society,
encompassing indispensable services that form the foundation of our daily existence, such as
healthcare, energy, water, and transportation. Given its vitality to societies, it has become a
major concern for national security, as many governments strive to ensure that these
infrastructures are not disrupted, or much worse, subject to debilitating cyberattacks. The
present capstone project makes a comparative examination of the legislative frameworks
governing the regulation of Critical Information Infrastructure in the European Union member
states and Azerbaijan, while also looking into the experiences of other countries. The study has
revealed that at the time of preparing the paper, the biggest issue in the Azerbaijani legislation
pertains to the new national cybersecurity strategy that has been subject to many negotiations
that have delayed its approval; however, there are other amplifying issues pertaining to the lack
of cybersecurity specialists, lack of public awareness on cybersecurity, and limited research
and development. To help the institutions compensate for the lack of guidance as brought about
by the lengthy approval process, the project proposes the government to lay the preliminary
groundwork for the critical information infrastructure protection, promotes research and
development in cybersecurity, takes the necessary measures to increase public awareness on
cybersecurity through inclusion of courses in curricula, and adopting certain international
cybersecurity standards. The options are weighed against one another according to the five
main criteria.