SECURITY STUDIES AND RESEARCH CENTER
Compliance Navigator
“The great task of legislation is not to make the people virtuous, but to make it possible for them to live together in safety and freedom” Lord Acton
We investigate the regulatory landscape of information security and develop tools that enable actors to navigate complex compliance requirements, meet normative obligations, and contribute to the construction of
a coherent and resilient legal framework for
the digital domain.
The contemporary legal architecture of information security, both at the national and international levels, is evolving in a context of regulatory turbulence. The rapid advancement of digital technologies, the proliferation of cybersecurity threats, and the transformation of approaches to critical infrastructure protection, personal data regulation, and digital sovereignty necessitate a systematic reassessment and ongoing refinement of legal and institutional mechanisms.
This project is dedicated to the analytical and conceptual support of the regulatory landscape in the fields of information security and digital resilience. We conduct a systematic analysis of the current legislation of Ukraine and the European Union, including normative acts governing cybersecurity, critical infrastructure protection, data protection, digital identity, and the continuity and resilience of public digital services.
A particular focus is placed on the development of an open-access analytical platform, where key legal documents are aggregated, structured, and classified. Definitions and terminologies found in legal acts are systematically reviewed and refined within a unified glossary framework, with the aim of improving conceptual coherence and practical applicability. Based on this analysis, we construct regulatory profiles of both individuals and legal entities, each associated with a set of legal obligations, rights, and areas of responsibility defined by the applicable regulatory acts.
RESEARCH FOCUS
– Structural and content analysis of Ukrainian and European legislation relating to information security, cybersecurity, critical infrastructure protection, personal data regulation, and digital services;
– Development of a unified glossary of special definitions and terms used across regulatory documents in the digital governance domain;
– Construction of subject-specific compliance profiles and systematisation of legal requirements for various categories of physical and legal persons;
– Expert engagement in public consultations, including annotated commentaries on draft regulations and the formulation of proposals and amendments during legislative processes;
– Advancement of an open digital tool for adaptive navigation across regulatory requirements, designed for application in information security management, infrastructure governance, and corporate compliance environments.