The new institution will assume responsibilities related to information security from the national Office for the Protection of Classified Information.

It will also assume some tasks now under the purview of SI-CERT, Slovenia's national cybersecurity incident response centre, whose role will somewhat change.

The administration will be the main coordinating body within the country's cybersecurity system and will serve as the point of contact for international cooperation.

Svete, a professor of defence studies at Ljubljana's Faculty of Social Sciences, has led the agency, which is part of the Public Administration Ministry, as acting director since 1 July.

He has told the STA that the ministry and the new agency have been very busy improving the organisation of information security at the national level.

They are working on a list of organisations key to national security (formerly known as critical infrastructure) and on new security rules for them.

The list will feature a number of public and private organisations from nine areas, including healthcare, environment, energy and digital services, says Svete.

"For strategic reasons, the list will not be public, as the state would not want to disclose which organisations are key to its functioning not to attract the attention of potential cyber villains," he says.

All organisations on the list will be obliged to report about every single cyber incident to SI-CERT, he explained.

As things stand now, private organisations are not obliged to report about incidents to SI-CERT.

However, whether the public is also informed about them will be decided on the basis of whether a certain cyber attack affects some key service such as banking, or the provision of goods, says Svete.

Although hackers may not seem to be very interested in Slovenia, August's attack on Lekarna Ljubljana, Ljubljana's chain of pharmacies, shows the country can be a target of cyber crime, says Svete, who believes Slovenia as a state and society will have to improve its culture of IT security.

"Merely closing the IT systems of companies and of the public administration will not do the trick, people will have to start using their smart gadgets in a more responsible way."

He also highlights the fact that malware is not the only risk, it is also direct attacks, for instance those using the electromagnetic field.

As for the slightly changed role of SI-CERT, the institution will remain the country's main operative capability of cybersecurity.

Svete expects that once the list of critical infrastructure is approved, SI-CERT will be busier dealing with cyber incidents since also some private entities will have to report to it.

It will also remain the point of contact for communication about security incidents with other countries, while transferring some of its "less operative tasks" on to the new administration.

Once the list of critical organisations and the rules on their responsibilities have been endorsed, the administration will start carrying out checks, as part of which it will have an option of demanding that an organisation upgrades its IT system, Svete says.