In December 2021, the Council of the European Union, of which the presidency was held by Slovenia, reached a consensus on the wording of the NIS2 Directive, due to replace the current NIS Directive (2016/1148) in force since 2016, and the Critical Entity Resilience Directive (CER), due to replace Council Directive 2008/114/EC of 8 December […]
A government proposal to amend the National Cybersecurity System Act (CSA) has been published after many weeks of public statements. The proposal is somewhat similar to the proposal for an amendment to the act of last year, which was discussed in our previous international newsletter. However, it contains a range of new solutions not announced […]
The implementation of the NIS Directive in the Member States led to additional obligations for certain digital service providers, including in areas such as ensuring cybersecurity or incident reporting. After four years, the existing regulations were found to be insufficient, and a proposal for NIS Directive 2 was published, expanding the group of entities concerned […]
On 15 October 2021, the Ministry of Climate and Environment released recommendations on measures to improve cybersecurity in the energy sector and industry guidelines on incident reporting. The recommendations were drawn up on the basis of art. 42(1)(5) of the National Cybersecurity System Act of 5 July 2018, following consultations with CSIRT NASK, CSIRT GOV, and CSIRT MON, and operators of essential services in the energy sector.
Even last year, plans were announced to amend the Act of 5 July 2018 on the National Cybersecurity System (CSA), and the first draft of the bill was submitted for public consultations on 7 September 2020. Since then, the envisaged amendment has been revised repeatedly in the course of legislative work, and the final version […]