In today’s digital environment, protecting your business from cyber threats is essential. Cybersecurity ensures the safety of sensitive data, continuity of operations, and compliance with regulatory requirements, while mitigating financial and reputational risks.
Loialte IT provides comprehensive cybersecurity services in Uzbekistan, including:
By partnering with Loialte IT, your company ensures professional protection against cyber threats, safeguards critical data, and maintains operational continuity, creating a secure digital environment for sustainable business growth in Uzbekistan.
Under the Presidential Decree No. UP-38 (March 10, 2026), Uzbekistan has launched a new National Cybersecurity Strategy for 2026–2030. Legally, critical information infrastructure (CII) operators and state-linked organizations are now required to establish specialized cybersecurity units or outsource these services to registered providers. For private companies, particularly IT Park residents, there is a legal mandate to implement unified state cyber-protection standards. Practically, the State Security Service now oversees a special electronic platform to identify vulnerabilities through bug bounty programs and stress tests. Legally, any organization managing large-scale public data must comply with the 2026 “Zero Trust” framework. Failure to report a significant cyber-incident within 24 hours can lead to immediate administrative investigations and potential suspension of the company’s digital operations.
A major legal shift occurred on March 27, 2026, when amendments to the Law “On Personal Data” officially dismantled the strict, blanket localization regime. Legally, mandatory domestic storage is now restricted only to biometric, genetic, and telecommunications-specific data. Practically, for all other types of data, companies can now use international cloud services (like AWS or Azure), provided they use “Standard Contractual Clauses” or “Binding Corporate Rules” approved by the data protection authority. Legally, cybersecurity providers must now audit their clients’ data cross-flow to ensure compliance with this new “tiered” storage model. This reform aims to integrate Uzbekistan into the global digital economy, but it increases the legal responsibility for cybersecurity firms to ensure “equivalent protection standards” for data stored abroad.
In 2026, the Code of Administrative Responsibility was updated to introduce significantly higher fines for mass personal data leaks, often triggered by “cyber-negligence.” Legally, if a company fails to implement mandatory encryption or multi-factor authentication for sensitive databases, the directors can face personal liability. Practically, following the high-profile leaks in early 2026 involving over 15 million records, the Ministry of Digital Technologies has intensified unscheduled “cyber-audits.” Legally, a company found to have “knowingly ignored” critical security patches can have its VAT certificate suspended and its management permanently barred from holding executive positions in IT Park entities. Maintaining a “Cyber-Compliance Certificate” is now the primary legal defense against these catastrophic penalties.
Yes, the 2026 Cybersecurity Strategy explicitly encourages the use of independent experts to identify system vulnerabilities. Legally, the State Security Service has authorized a list of “Ethical Hacking” platforms where private and state companies can host competitions (Bug Bounties). Practically, this allows companies to legally “stress-test” their digital infrastructure without violating the Criminal Code (Article 278) regarding unauthorized access. Legally, any vulnerability discovered through these authorized channels must be reported via the national cyber-response system. This “Open-Source Defense” model is designed to strengthen national resilience by leveraging the local and international developer community.
Yes, cybersecurity and information security services remain a core activity eligible for full IT Park residency benefits in 2026. Legally, this includes a 0% Corporate Income Tax and a reduced 7.5% Personal Income Tax for specialists. Practically, starting April 1, 2026, the IT Park has introduced a “Differentiated Contribution System,” where the 1% fee may be reduced for companies that primarily export their cybersecurity services. Legally, to maintain these benefits, the company must ensure that its activities are strictly categorized under the “Information Security” HS codes. This fiscal support makes Uzbekistan a highly competitive hub for regional security operation centers (SOCs) in 2026.
Phone
Phone
Phone
Uzbekistan, Tashkent
United Arab Emirates, Dubai
Phone
Phone
Phone
Uzbekistan, Tashkent
United Arab Emirates, Dubai
Developed By Web Features 2026 All Rights Reserved
