The National Council of the Slovak Republic has already approved a significant amendment to the Cybersecurity Act, which will take effect on January 1, 2025. The bill was passed by a vote of 117 members of parliament.
The amendment is not revolutionary, but it is crucial for security. In practice, it will help reduce the risks associated with technological progress and digitization, while also raising the overall level of cybersecurity in Slovakia.
The changes also concern the identification of obligated entities. The amendment regulates the method for determining operators of essential services based on specific criteria, such as size. The law will be expanded to cover new sectors and regulated services, while also introducing the concept of a “critical essential service” as a metric for assessing the risk and criticality of entities.
The amendment also introduces new security standards. Measures in accordance with the #NIS2 Directive will be implemented to strengthen cybersecurity hygiene. The categorization and classification of information will be replaced by risk analysis as a tool for applying security measures. Responsibility for security measures within the supply chain will also be established.
Information sharing will also become more efficient. Reporting of cyber threats, vulnerabilities, and incidents will improve, thereby increasing awareness of cyber threats and enhancing entities’ ability to prevent cyber incidents.
The amendment will also introduce changes to sanctions. It will bring about a more effective sanctioning mechanism and a new approach to administrative sanctions, which will contribute to greater discipline in the area of cybersecurity.
This step significantly contributes to the protection of our digital infrastructures.
