Disclaimer: This is a machine translation. It is fully automated and involves no human intervention. The quality and accuracy of machine translation can vary from one text to another and between different language pairs. The ITU does not guarantee the accuracy of the translation and accepts no liability for possible errors.
From 24 to 26 September 2025, the cyber exercises “Digital Kyrgyzstan 2025” took place in Bishkek. The event was organized by the International Telecommunication Union (ITU) Regional Office for the Commonwealth of Independent States (CIS), the Ministry of Digital Development and Innovative Technologies of the Kyrgyz Republic, and the OSCE Programme Office in Bishkek, with support from the I. Razzakov Kyrgyz State Technical University.
In the photo, from left to right: Aziz Pirmamatov, Deputy Minister of Digital Development and Innovative Technologies of the Kyrgyz Republic; Edil Baisalov, Deputy Prime Minister of the Kyrgyz Republic; Volker Froebart, Head of the OSCE Programme Office in Bishkek; and Farid Nahli, Programme Coordinator at the ITU Regional Office for the Commonwealth of Independent States (CIS).
The cyber exercises served as a platform for exchanging expertise and practicing coordinated responses in the field of cybersecurity. Their main objective was to strengthen cyber resilience, enhance human capacity, and prepare specialists to respond effectively to cyber incidents.
The three-day event began with a discussion on current information security challenges in Kyrgyzstan, workforce development in the sector, and digital regulation of cybersecurity. The following two days were dedicated to hands-on practical sessions. As noted by Edil Baisalov, Deputy Prime Minister of the Kyrgyz Republic, the exercises represented a concrete step toward enhancing the country’s resilience to cyber threats.
Farid Nahli, Programme Coordinator at the ITU Regional Office for CIS, outlined ITU’s key areas of work to strengthen cybersecurity capabilities across CIS countries and support digital transformation. These include technical measures such as accelerating the adoption of national cybersecurity strategies, building human capacity, strengthening national cybersecurity institutions, and fostering international cooperation.
In 2024, ITU released the fifth edition of the Global Cybersecurity Index (GCI), (
The Global Cybersecurity Index, GCI), which assesses countries’ efforts in cybersecurity. Over the past four years, Kyrgyzstan has improved its standing and moved into the third (out of five) maturity group—“Establishing.” The country has significantly strengthened its technical cybersecurity measures while maintaining strong legal and organizational frameworks. Among CIS countries, Kyrgyzstan is now in the same group as Belarus, while Russia, Kazakhstan, Azerbaijan, and Uzbekistan demonstrate higher performance levels.
Kyrgyzstan operates a National Computer Incident Response Team—the Cybersecurity Coordination Centre under the State Committee for National Security (SCNS). According to the country’s Cybersecurity Law, this Centre is authorized to respond to computer incidents affecting state information systems. Its monitoring scope includes critical information infrastructure.
In addition to the SCNS Coordination Centre, cybersecurity responsibilities are also carried out by the Cybersecurity Department within the Ministry of Digital Development.
In April 2025, ITU and the Ministry of Digital Development and Innovative Technologies announced the establishment of a second national Computer Incident Response Team (CIRT)—the Ministry’s CIRT.
“The presence of a national CIRT is considered a technical measure under the GCI. The creation of the new CIRT under the Ministry contributes to Kyrgyzstan’s progress in this area. Moreover, this CIRT will help build national capacity by raising awareness, delivering trainingsaid Farid Nahli.
ITU places special emphasis on cyber exercises as a tool for developing human capital. ITU conducts exercises at various levels—from national to interregional—with national CIRTs as the primary participants. These exercises follow a collaborative model: if specialists from one CIRT detect suspicious activity, they can contact counterparts in another country’s CIRT to resolve the issue more effectively, thereby fostering a global network of cybersecurity professionals.
ITU cyber exercises include technical skills training and realistic incident response scenarios. Regional-scale exercises have already been held in Malaysia, Kazakhstan, and the UAE.
“The ITU Regional Office for CIS is ready to share best practices and international expertise to enhance cyber resilience,” – emphasized Farid Nahli.
ITU cybersecurity expert Alessandro Ortalda conducted a crisis management simulation for participants—senior representatives from Kyrgyz government agencies and private companies. The training took the form of a role-playing exercise simulating a large-scale cyber incident. Participants assumed roles representing key national entities—such as a ministry, a telecom operator, and a hospital.
Each team had to respond to a series of escalating crisis events: system outages, data breaches, ransomware attacks, bank card fraud, and mounting pressure from media, government, and international partners. The scenario unfolded over simulated “days,” gradually increasing tension to illustrate how cyberattacks impact not only technology but also public trust, institutional reputation, and staff operations.
The main goal was to help participants learn to make decisions under uncertainty, manage crisis communications, and balance technical, legal, and reputational risks. The exercise highlighted the importance of inter-agency coordination, contingency planning, and strategic thinking in cybersecurity—demonstrating that missteps can have severe consequences for the state, businesses, and citizens alike.
“Building human capacity and fostering collaboration among all stakeholders is the foundation of Kyrgyzstan’s digital sovereignty,” said Aziz Pirmamatov, Deputy Minister of Digital Development and Innovative Technologies of the Kyrgyz Republic.
“The OSCE Programme Office in Bishkek supports initiatives that strengthen trust and cooperation in the field of cybersecurity,” added Volker Froebart, Head of the OSCE Programme Office in Bishkek.
ITU cybersecurity expert Timur Derbishaliev noted that when organizing both national and regional cyber exercises, ITU prioritizes partnerships with organizations that have a strong regional presence and deep understanding of local challenges.
«“This approach ensures maximum effectiveness and relevance to countries’ real needs. ITU collaborates with leading global cybersecurity companies, many of which already operate in Central Asia. Their localized experience is invaluable—they understand regional realities and can offer practical, actionable solutions,” explained Timur Derbishaliev.
Over 300 cybersecurity professionals and representatives from related sectors—including government, private industry, academia, and youth communities—participated in the “Digital Kyrgyzstan 2025” cyber exercises.