Cybersecurity
Nowadays, when most data is in digital form, cybersecurity is an integral part of data protection.
Under the Act no. 69/2018 Coll. on Cybersecurity and on Amendments to Certain Acts, an operator of essential services is required to introduce security measures, and is also obliged to verify the effectiveness of the security measures and compliance with the requirements established by this Act. An operator of an essential service is anyone who meets at least one sector-specific criterion and one impact criterion.
As a company specialised in security services we can give you a helping hand and provide you with:
1) Analysis of sector-specific criteria and impact criteria – by means of a detailed analysis we will evaluate compliance with sector-specific and impact criteria to determine the potential impact a cybersecurity incident could have in an information system or a network. The result is a document helping you determine whether you are to be on the list of essential service operators.
2) Analysis of cybersecurity – if the analysis of sector-specific criteria and impact criteria proves that you have a legal obligation to be included in the list of operators of essential services, it is necessary to carry out an analysis of cybernetic security under the Act No. 69/2018 Z. z. and the National Security Authority Decree No. 362/2018 Z. z.
3) Proposed cybersecurity measures – based on the analysis of cybersecurity we can prepare tailor-made proposals for security measures (security documentation) in accordance with the National Security Authority Decree no. 362/2018, laying down the Content of Security Measures, the Content and Structure of Security Documentation and The Scope of General Security Measures.
4) Implementation of measures in the field of cyber security - we also implement draft measures. From secure access management, through data control and protection with protection against misuse, theft or other inappropriate handling of your company's data, to the protection of applications that clients regularly use in their work.
5) Professional personnel training – our experts can give your employees information on social engineering and cybersecurity. The training courses are held in direct interaction with the client and with regard to the general public.
6) Advice and consultation – provided for by our team of experts from the relevant fields. If necessary, we can represent you in proceedings before the National Security Authority.
For purposes of organising cyber security, we can provide a service of designating a cybersecurity manager who:
- may submit proposals and report the information in the field of cybersecurity directly to the statutory body of the operator of essential services,
- ensures the application of security measures in the cybersecurity management system,
- is independent of the operation management and development of information technology services, and
- meet the knowledge standards for the position of a cybersecurity manager according to a specific legal regulation.
