CERT-UA urges businesses to strengthen cooperation on cybersecurity

13/ 05/ 2025

The business community of the European Business Association met with experts from the State Cyber Protection Center of the State Service of Special Communications and Information Protection of Ukraine (SCPSSCIP) and the Government Computer Emergency Response Team of Ukraine (CERT-UA). The discussion focused on ways to enhance cooperation between the public and private sectors in order to counter growing cyber threats. CERT-UA experts also addressed a wide range of technical and practical questions from businesses regarding the unit’s operations, cooperation opportunities, incident response, and more. This meeting helped businesses better understand CERT-UA’s role in securing the country’s digital space—from incident response to malware analysis and attack prevention. Notably, CERT-UA is part of the international CERT/CSIRT network, which enables the exchange of critical threat intelligence with foreign partners. Collaboration that protects resources and reputation CERT-UA actively encourages businesses to cooperate on two levels: Proactively: subscribing to alerts, implementing indicators of compromise (IoCs), and adopting technical recommendations; Reactively: reporting cyber incidents, sharing malware samples, and participating in joint simulations and training sessions. Such collaboration has already proven effective in the financial, energy, and other critical sectors. Companies involved in these initiatives benefit not only from timely threat response but also from strategic advantages such as improved reporting and reduced costs on external consulting. Why Report Cyber Incidents? CERT-UA emphasizes that reporting cyber incidents is not just a recommended option, but a strategic necessity. Real-time awareness of threats helps prevent large-scale attacks, enables timely recommendations for other stakeholders, and supports the development of a more systematic defense. Importantly, such reports can be submitted anonymously. Key Recommendations for Businesses: Subscribe to CERT-UA updates to receive real-time threat alerts. Integrate IoCs into your systems to automatically block known threats. Report all incidents—minor events contribute to overall risk analysis. Engage in training and simulations to improve staff awareness and reduce risks. Treat cooperation with CERT-UA as an investment—it minimizes financial losses and strengthens your public image. If your company detects a cyber incident, it is recommended to report it to CERT-UA and the State Cyber Protection Center of the State Service of Special Communications and Information Protection of Ukraine. Contact information and details for reporting are available at: https://cert.gov.ua/contact-us https://scpc.gov.ua/uk/contact-us For individuals facing phishing or other cybercrimes, please report incidents to the Cyber Police using the contact form at: https://ticket.cyberpolice.gov.ua/send According to various studies, approximately 70% of cyber incidents are caused by human factors. This includes: Opening malicious attachments in phishing emails; Using weak or reused passwords; Ignoring software updates; Misconfiguring security systems; Accidentally leaking confidential information. In particular, the Verizon Data Breach Investigations Report (2024) found that 68% of incidents stem from human error. That’s why employee training, cyber hygiene, and phishing simulation campaigns should be a top priority for companies. To help minimize these risks, the Ukrainian government has launched the Diia.Education platform—an official national edutainment portal with up-to-date knowledge and skills. CERT-UA experts recommend using the free resources at https://osvita.diia.gov.ua/cyber as a foundation for staff training. The platform offers tests, cyber hygiene guides, and educational video series designed to improve your organization’s cybersecurity posture. The European Business Association sincerely thanks the experts from the SCPSSCIP and CERT-UA for the productive meeting, ongoing collaboration, and for sharing such valuable information with both businesses and the general public.

This meeting helped businesses better understand CERT-UA’s role in securing the country’s digital space—from incident response to malware analysis and attack prevention. Notably, CERT-UA is part of the international CERT/CSIRT network, which enables the exchange of critical threat intelligence with foreign partners.

Collaboration that protects resources and reputation

CERT-UA actively encourages businesses to cooperate on two levels:

Proactively: subscribing to alerts, implementing indicators of compromise (IoCs), and adopting technical recommendations;
Reactively: reporting cyber incidents, sharing malware samples, and participating in joint simulations and training sessions.

Such collaboration has already proven effective in the financial, energy, and other critical sectors. Companies involved in these initiatives benefit not only from timely threat response but also from strategic advantages such as improved reporting and reduced costs on external consulting.

Why Report Cyber Incidents?

CERT-UA emphasizes that reporting cyber incidents is not just a recommended option, but a strategic necessity. Real-time awareness of threats helps prevent large-scale attacks, enables timely recommendations for other stakeholders, and supports the development of a more systematic defense. Importantly, such reports can be submitted anonymously.

Key Recommendations for Businesses:

Subscribe to CERT-UA updates to receive real-time threat alerts.
Integrate IoCs into your systems to automatically block known threats.
Report all incidents—minor events contribute to overall risk analysis.
Engage in training and simulations to improve staff awareness and reduce risks.
Treat cooperation with CERT-UA as an investment—it minimizes financial losses and strengthens your public image.

If your company detects a cyber incident, it is recommended to report it to CERT-UA and the State Cyber Protection Center of the State Service of Special Communications and Information Protection of Ukraine. Contact information and details for reporting are available at: https://cert.gov.ua/contact-us https://scpc.gov.ua/uk/contact-us

For individuals facing phishing or other cybercrimes, please report incidents to the Cyber Police using the contact form at: https://ticket.cyberpolice.gov.ua/send

According to various studies, approximately 70% of cyber incidents are caused by human factors. This includes:

Opening malicious attachments in phishing emails;
Using weak or reused passwords;
Ignoring software updates;
Misconfiguring security systems;
Accidentally leaking confidential information. In particular, the Verizon Data Breach Investigations Report (2024) found that 68% of incidents stem from human error.

That’s why employee training, cyber hygiene, and phishing simulation campaigns should be a top priority for companies. To help minimize these risks, the Ukrainian government has launched the Diia.Education platform—an official national edutainment portal with up-to-date knowledge and skills.

CERT-UA experts recommend using the free resources at https://osvita.diia.gov.ua/cyber as a foundation for staff training. The platform offers tests, cyber hygiene guides, and educational video series designed to improve your organization’s cybersecurity posture.

The European Business Association sincerely thanks the experts from the SCPSSCIP and CERT-UA for the productive meeting, ongoing collaboration, and for sharing such valuable information with both businesses and the general public.