Prizadevanja Slovenije za obvladovanje groženj v kibernetskem prostoru

Samo Maček; Franci Mulec; Franc Močilar

doi:10.31449/upinf.20

Authors

Samo Maček Generalni sekretariat Vlade RS, Gregorčičeva ulica 20, 1000 Ljubljana
Franci Mulec Ministrstvo za zunanje zadeve, Prešernova ulica 25, 1000 Ljubljana
Franc Močilar Ministrstvo za zunanje zadeve, Prešernova ulica 25, 1000 Ljubljani

DOI:

https://doi.org/10.31449/upinf.20

Keywords:

cyber security, information systems, threats, strategy, precautions

Abstract

The paper presents the current efforts of the EU and the Republic of Slovenia (RS) aimed at managing the challenges faced in the field of cyber security. Terrorism and organized cybercrime are becoming major threats to the democratic society and its values. The European Union (EU) has adopted a number of measures in this respect. The European Agenda on Security has established guidelines for the response of the EU to security threats for the period between 2015 and 2020. Cyber security has become an integral part of every country’s national security as well as of the security of the international community. Slovenia has been adapting to and following the measures undertaken at the EU level. At the beginning of 2016, the Government of the RS has adopted a strategy on cyber security and in April 2017 established a national body in charge of cyber security. From the broader perspective, it is important to boost confidence at the state level, professional competence of employees and knowledge transfer in the field of cyber security. These tasks and documents will set up the basis for the effective and comprehensive provisioning of cyber security in the country. This is particularly important since the human factor always turns out to be the weakest link. Technology cannot guarantee security if users are not properly trained, are not aware of the threats or do not apply the measures aimed at managing these threats. We will demonstrate how government bodies respond to the modified structure of risks in cyberspace where the seamless implementation of the functions of the state is ensured through the functioning of systems that are vital for attaining this objective. Activities carried out at the operational level follow European and national policies and guidelines. In this context, we also provide examples of operational measures aimed at coping with the growing risks that are implemented in the government information system and the systems in the field of foreign affairs.

Author Biographies

Samo Maček, Generalni sekretariat Vlade RS, Gregorčičeva ulica 20, 1000 Ljubljana

Samo Maček je po izobrazbi magister znanosti s področja računalništva in informatike. Zaposlen je kot vodja Sektorja za informatiko v Generalnem sekretariatu Vlade RS, kjer med drugim opravlja naloge na področju informacijske varnosti, informacijskih sistemov za obravnavanje tajnih podatkov, razvoja spletnih aplikativnih rešitev ter upravljanja dokumentnih in relacijskih baz podatkov. Pred tem je vodil Oddelek za organizacijo in kadrovsko informatiko na Ministrstvu za notranje zadeve. Razvil je številne informacijske rešitve, ki so v uporabi v vladnem informacijskem sistemu, organih državne uprave in gospodarskih družbah.

Franci Mulec, Ministrstvo za zunanje zadeve, Prešernova ulica 25, 1000 Ljubljana

Franci Mulec je magistriral na Fakulteti za organizacijske vede Univerze v Mariboru. Zadnjih 15 let se ukvarja z razvojem in zagotavljanjem informacijske varnosti visoko varnih sistemov. Je arhitekt več sistemov Republike Slovenije, član ISACA (Information Systems Audit and Control Association) in nosilec CISA (Certified Information Systems Auditor).

Franc Močilar, Ministrstvo za zunanje zadeve, Prešernova ulica 25, 1000 Ljubljani

Franc Močilar je diplomiral in magistriral na Fakulteti za računalništvo in informatiko Univerze v Ljubljani. Zadnjih 15 let se ukvarja z zagotavljanjem informacijske varnosti. Leta 2005 je opravil izpit in pridobil potrdilo CISSP (Certified Information Systems Security Professional) mednarodne neprofitne organizacije ISC2 (http://www.isc2.org) za preverjanje znanj in podeljevanje ter vzdrževanje potrdil s področja varovanja informacij. Zaposlen je na Ministrstvu za zunanje zadeve RS.