Appendix 4. Future Tech section

List of laws, bylaws, orders or recommendations that the Company considers when developing products and solutions
Country Regulator Laws, bylaws, orders or recommendations

Russian Ministry of Digital Development, Communications and Mass Media

Russian Federal Service for the Supervision of Communications, Information Technology and Mass Media

Bank of Russia

Russian Federal Service for Technical and Export Control

Russian Federal Security Service

Federal Law No. 187‑FZ dated July 26, 2017 On the Security of Critical Information Infrastructure of the Russian Federation

Federal Law No. 149‑FZ dated July 27, 2006 On Information, Information Technologies and Information Protection

Germany UP KRITIS: BSI, BBK BMI; BDEW; BNetzA IT Security ACT UP KRITIS; Namur 153; VDMA 66418; DIN2008; DIN2011
France ANSSI Critical Information Infrastructure Protection (CIIP) framework. CIIP law; Sécurité des activités d’importance vitale (SAIV); Décret 350, 351

National Cyber Security Centre.

National Protective Security Authority

OG86 — Cyber Security for industrial automation and control systems (IACS)
Spain El Centro Nacional de Protección de Infraestructuras Críticas El Plan Nacional de Protección de Infraestructuras Críticas
UAE UAE Cybersecurity Council NESA IAS
Saudi Arabia National Cybersecurity Authority OTCC Operational Technology Cybersecurity Controls
Turkey Ministry of Transport Maritime affairs and communications National Cybersecurity Strategy
India NCIIP Guidelines for the Protection of National Critical Information Infrastructure


CII Cybersecurity ACT

Cybersecurity code of practice for Critical information infrastructure