The conference guests, entitled Cyber Security – Challenges for Users of Digital Services, discussed the challenges of digital transformation in the context of cybersecurity and how to address them.
In Brdo Pre Krango, organized by the Gornjska Regional Development Agency, Kranj Municipality and co-organizers SRIP PMiS and IPM Digital, invited experts, politicians and a representative of a world-renowned company emphasized the importance of awareness and active work in the field of cybersecurity.
The auditorium was greeted with full capacity by the Chairman of the Gornjska District Council and the Mayor of Kranj Municipality. Matjay Rakovic and Director of the Regional Development Agency in Gorenjska, BSC, doo, Kranj, Rock Simink. Rakovic touched on the importance of technological progress and the challenges it brings. He notes that “according to the European Commission, cyber-attacks are one of the fastest growing forms of crime – in 2020, it cost the global economy €5,500 billion, double what it was in 2015.” Therefore, it is necessary to raise a culture of awareness, it is necessary to regulate and legislate … Rakovic highlights such events as an important step towards presenting potential dangers in terms of individual ignorance and cybercrime. Siemens also framed the conference as one of the region’s strategic directions – noting that Goringska is the first region in the country where 18 municipalities have developed a regional strategy for digital transformation. He added: “We live in turbulent times when some risks are visible to us, others are hidden from view – and the latter threaten us even more, so we have come to realize that cybersecurity is an important part of our lives, both commercial and private.” .
Honorary Guests of the Conference, Minister of the Government of the Republic of Slovenia’s Office for Digital Transformation Mark Boris AndrijanicMinister of Public Administration of Republika Srpska Boštjan Koritnik Deputy Prime Minister of the Republic of Slovenia and Minister of Defense Mag. Matej Tonin, united in emphasizing the importance of cyber security both in Slovenia and abroad. “Digital transformation and cybersecurity are among the most important topics of the Slovenian Presidency of the Council of the European Union,” Andrijanic said, referring to the many actions taken by the Digitalization Strategic Council, the importance of coordination between friendly countries, and an independent office for information security. And many strategic partnerships. He added that most of the work will be required in the field of digital inclusion, which is why the Digital Inclusion Act itself, which provides free digital skills courses for all generations and raises awareness of the importance of cybersecurity, is so important. “We can take care of it ourselves to the fullest,” Andrijanič points out.
“Digitization increases the risk of cyber-attacks, so it requires a systematic approach from countries,” Koretnik noted. He added that attacks know no borders, which is why Slovenia firmly believes that Europe and its allies should further enhance their resilience, as well as build trust, leading to information sharing and thus enhancing Europe’s resilience in the face of threats and attacks. The first legislation in the field of cybersecurity towards sector resilience and a higher degree of coordination is also important.
mag. Matej Tonin is the largest project in the country or. The Ministry of Defense offered to create a cyber training zone, where not only at the level of state administration, but also at the level of the economy, it is possible to duplicate and copy systems in a special online training zone. This type of polygon allows for training and testing, so that the performance and robustness of the system can be tested without serious damage or consequences. He also stressed the importance of cyber precautions, who help in solving them when problems arise. “We still have a lot of work to do if you compare the work of Slovenia and other NATO countries – we still have a long way to go, but it is necessary that we achieve our goal more easily,” Tonin added.
Milan GaborKeynote speakers at the conference, Director Viris, an information security expert and ethical hacker, highlighted the speed and scale of cyber attacks in his address. “The faster we go online, the faster we can target the attacker. The attackers get very close, very quickly.” However, when running simulations in companies, he is happy to note that the percentage of those who fail tests – for example, upload a file, enter data – is decreasing over the years. If seven years ago it was about 60%, now it’s down to 30-40%, which is still a lot, he warns. Unfortunately, human inattention is often the main reason behind an online attack. He adds that in addition to highly vulnerable smart devices, we have unwise users, highlighting the importance of digital hygiene and digital identity. According to Gabor, the rapid assessment of cyber security in Slovenia also highlights the following positive points: electronic vouchers for companies, placing Slovenia on the electronic map in Europe and the Locked Shields 2022 cyber defense and strategic decision-making exercise. Education and more cooperation. “Cybersecurity is the key to the future in all areas,” Gabor added.
How does the public administration care about (cyber) security? doctor. Tilen Gorenšek, Director of IPM Digital, results of a survey on cyber security for municipalities and municipal institutions. The results show that there is no strategic handling of cybersecurity challenges (the national security system of the Republic of Slovenia) and integration between municipalities (regional and municipal joint administrations…), and a cybersecurity strategy would also be welcome. He added, “The research highlights the importance of an integrated (holistic) approach to digitization and digital transformation, as the domains (digital culture, digital competencies, cybersecurity…) are intertwined. Public administration employees seem to be very concerned about unauthorized access to municipal and other data. There was also poor knowledge of how to deal with cyber incidents and a general lack of structure and organization in managing and using cybersecurity. For example, nearly 90% of respondents believed they were more secure against cyber-attacks, suggesting a security paradox – a seemingly less attractive target devotes less time and attention to protection, making it more attractive to potential cyber-attacks.
At a round table moderated by Assistant. the professor. Dr. blush markelj From the School of Security Sciences, University of Maribor, they provided their views and experiences: mag. Matej ToninMinister of Defense of the Republic of Slovenia, Dr. Iztok PodbregarFaculty of Organizational Sciences, University of Maribor, Christmas GorazdSI-CERT, Michael NgeeljHead of the Cyber Security Department at the Chamber of Commerce and Industry and ICT Coordinator, His Majesty the King – Cyber Security, Milan Gabordirector of Viris, and Ratko Mutavdzic, Regional Technology Officer for Central and Eastern Europe, Microsoft. During the hour-long discussion, experienced speakers discussed Slovenia’s cybersecurity assessment, appropriate legislation, individual competencies and opportunities for improvement. Motavdic noted the attitude and cooperation of all stakeholders involved, which is crucial to introducing innovations and changes. A good example is Microsoft and SI-CERT, which work together to report cyber incidents, and their cooperation is subject to an agreement. All speakers highlighted medium and small businesses as the most vulnerable. “It is necessary to build on awareness,” Bocic stressed. Similarly, Nagel: The concept of state aid in the form of vouchers has brought about positive changes, as companies make extensive use of available standards. We need to realize, he says, that all companies, whether they are obligated to report incidents or not, will report them, and at the same time we must realize that the information provided to SI-CERT will not be misused, but will be used beneficially.
doctor. In this context, Podbrigar also noted the need for an interdisciplinary approach – it is necessary to take into account the aspect of social sciences, he added. Mastering the technological field is important, but sees the need for a higher level of understanding. The problem also lies in our perception of whether security is a good or a cost. This leads to the fact that often security appears to be a cost”, for example when something happens that has a broader impact on the security, and this leads to an overreaction and thus the cost of the situation.
“Despite the vastness of cyberspace, it provides a framework for legislation,” Markelge began the debate on the legislation. doctor. Podbregar pointed to the many gray areas due to fragmentation and the frequent question of who is responsible for problem-solving when a problem arises, which is a risk. He added that when preparing legal solutions it is necessary to be rational in terms of the number of laws, and the requirements must be carefully considered, which was also confirmed by Božič. He says the legislation is a clear reflection that we don’t know how to think long-term. “We have to look beyond the abstract legal framework – if we don’t know who is responsible, there will be a problem,” he added. In the area of legislation, however, Nagelj noted that there are still some areas where laws encourage many activities, such as the GDRP, which is certainly welcome. Tonin criticized the fact that changes in the field of legislation would initially require changes in organizational culture and approach. He added that only the administration would need education.
Collaboration, knowledge and understanding of the field were often mentioned at this event, which is also reflected in the main guidelines of the conference, which were finally introduced as the basis for the note, a key document of the conference. Protection from cyber threats largely depends on their knowledge. Knowing the “real” value of the data we “work with” on a daily basis is critical in assessing cyber risks and additional investments in cybersecurity. Reporting incidents in cyberspace, both nationally and internationally, gives the user and society a “real” view of the risks that exist in cyberspace. Education and awareness on the safe use of ICT equipment in cyberspace is an important part of ensuring a safer society.