Improving cyber security a priority of Slovenia's EU presidency
Ljubljana - Improving cybersecurity across the EU will be one of the priorities of Slovenia's EU presidency during its six-month stint in the second half of the year. Uroš Svete, head of the country's Information Security Administration, says Slovenia will strive to improve the exchange of information among member states and boost security culture.
The Information Security Administration is a national body in charge of cybersecurity within the Public Administration Ministry, slated to become an independent government office. It has an inspection service and is also a contact point for cooperation with similar national bodies in other countries.
Iztok Prezelj, an expert on security from the Ljubljana Faculty of Social Sciences, says that Slovenia has already done a lot in cybersecurity.
"But since cyberthreats are so pressing and all-encompassing, and potentially harmful beyond imagination, there are still many challenges ahead," he has told the STA.
A major area where improvement is needed at national and EU levels is the exchange of information about cyber attacks, Svete and Prezelj agree.
EU members have centres to monitor the attacks and collect the data about them, yet the level of exchange of information is still too low, says Prezelj.
The existing EU directive on security of network and information systems, known as NIS 1, has already brought some basis for data exchange, says Svete, who apart from running the Administration teaches security in information society at the Faculty of Social Sciences.
However, it has become clear that small EU members in particular lack sufficient capacity and that very clear-cut protocols of exchange of information are needed.
"This will be definitely one of our priorities, to improve the existing situation taking it to a higher operative and response level in the entire EU," says Svete.
The ongoing review of NIS 1 will be one of the major challenges for Slovenia's presidency, both experts say.
"Slovenia as the presiding country and other EU members will have a lot to do to introduce common information security standards across Europe," says Prezelj.
One of the shortcomings of NIS 1 is a methodology defining which institutions are bound by the directive.
"There are for instance slightly more than 20 such subjects in Slovenia, while there are 10,000 in Finland," says Svete.
Although talks are still underway, he says the number of sectors covered by the directive and the number of subjects bound by it would increase as part of its revision.
It now covers sectors such as transport, healthcare and food supply, but is likely to expand to cover providers of digital services and electronic communications.
Another challenge for Slovenia and the other EU member is increasing security culture, which entails to what extent people are aware of this problem or are prepared to react to it, and how developed their defence mechanisms are, according to Svete and Prezelj.
"Cybersecurity of the entire EU is one of the main priorities of Slovenia's presidency. This means improving response to major cyber crises. There is still a lot to be done here," says Svete.
The role of cybersecurity was also highlighted by Prime Minister Janez Janša as he addressed Slovenian diplomats last week, a month before the EU presidency.
He warned that individual EU members could not address constant cyber threats effectively enough, so the EU should build a common fire wall to fight the threat. "It's clear that the EU must build a common fire wall, common capacity to fight this threat," he said on Tuesday.