HUP-ICT Conference: 'EU Cyber Act an opportunity to boost the competitiveness of the Croatian ICT sector'

Konferencija HUP-ICT | Digital Skills & Jobs Coalition Croatia

There is no denying that cybersecurity is one of the fastest growing digital areas. The EU and Croatia have an acute shortage of IT specialists with cybersecurity knowledge and skills. On European level, recently adopted legislation places new security obligations for EU Member States, who need to strengthen cybersecurity standards on national level.

A Conference dedicated to cybersecurity was organised by HUP-ICT and CARNET with the aim of discovering how to make the most of the new Cyber Act, boost the domestic ICT sector, and continue to provide competitive digital solutions on a global scale.

Translating policy & legislation - EU to national level

When implementing major legislation like the EU Cybersecurity Act, some balance should be kept in mind: on the one hand, monitoring the impact of new obligations on entrepreneurs; and on the other - ensuring significant and continuous investment in strengthening cybersecurity standards.

For national policymakers, legislation like the Cyber Act should be an opportunity to give yet another boost to the domestic ICT sector, which has a vast array of knowledge on specific challenges.

Safety first!

The regulatory framework on cybersecurity implementing the NIS2 EU Directive in Croatia raises awareness of business security in the digital space and the necessity of implementing cybersecurity measures should be applied taking into account the necessary levels of entrepreneurial investment. According to global practice this varies from 7% of the total IT budget for an average company to 10% for highly digitized companies.

The message of the conference, organised by CARNET and HUP and held on 28 August 2024 in Zagreb, Croatia therefore was: “Security first – everything you need to know about legal obligations and protection against cyber attacks”.

The conference brought together over 300 entrepreneurs and representatives of the Security and Intelligence Agency (SOA), the Croatian National Bank (HNB), the Croatian Financial Services Supervisory Agency (HANFA), the Ministry of Economy, the Croatian Regulatory Authority for Network Industries (HAKOM), the Institute for Information Systems Security (ZSIS) and the Croatian Academic and Research Network (CARNET), together with representatives of domestic companies engaged in the development of cybersecurity solutions, as well as representatives of the academic community. The conference was enhanced by General Ivan Pokaz, envoy of the Minister of Croatian Veterans' Affairs and Deputy Prime Minister of the Republic of Croatia Tom Medved.

Event recording: get cyber skilled in no time

Croatia adopted a new national Cyber Security Act earlier this year, in February. The goal of the legislative piece is to define concrete requirements in the context of strengthening cyber security for the private and public sectors and elaborate them together with all relevant actors.

The regulation expands the scope of the sector - from the previous 7 to a total of 19 critical sectors such as energy, transport, health, water, digital infrastructure, education, postal and courier services and the public sector. Another aim is to raise the level of cybersecurity of the entire business of companies, including their supply chains. Want to know more?

Watch the video from the conference here: KIBERNETIC SECURITY HUP CONFERENCE: Everything you need to know to protect yourself from cyberattacks - YouTube

Diving into the specifics: some recommendations

It's important to ensure a balance between new obligations for entrepreneurs in terms of investment and raising the overall standard of cybersecurity in Croatia, in a way that new obligations for entrepreneurs are proportionate not only to the size of the company but also to the type of business and take into account the current cyber exposure of the company. What is more, a significant opportunity to encourage the domestic ICT sector through regulation exists, which already has developed knowledge and solutions to strengthen cyber security that are also competitive on a global level. According to Irena Weber, Director General of the HUP,

“The cooperation between the CEA, the Government and the institutions involved in the drafting of regulations achieved in this legislative process is a guarantor to ensure the quality implementation of the new Cyber Security Act. The goal is to simultaneously raise the level of cyber security in Croatia, strengthen the resilience of critical systems, encourage the development of domestic companies that already have developed products and knowledge in the field of cyber security, while making sure that all together does not lead to an unnecessary burden on the economy. And the knowledge and experience of the domestic ICT sector is invaluable.
Croatia has an extremely strong ICT sector with over 8,000 entrepreneurs and almost 55,000 employees, which not only stands out in our economy with growth and added value, but has become its catalyst. A quality regulatory environment for cyber security can be a new impetus for domestic service developers who can benefit domestic entrepreneurs, but who are already presenting global products today”.

**Irena Weber, Director General of the HUP | © Digital Coalition - Croatia**

The new regulation places emphasis on cyber security risk management measures and the obligation to notify competent authorities of significant incidents and serious cyber threats, and on the need to conduct a self-assessment and audit process.

During the conference, the National Coalition for Digital Skills and Jobs and the Working Group on Cyber Security within the CEA and, which brings together over 80 experts from CEA member companies, were presented. This group will play a key role in providing advisory and implementation support to entrepreneurs in adapting to the new regulations.