Regarding the designation of the National Security Authority (hereinafter referred to as “the Authority”) as the National Authority for Cyber Security since January 1, 2016, the Authority has established the Slovak Computer Emergency Response Team (SK-CERT). It provides national and strategic activities in the field of cyber security management, threat analysis as well as coordination of national security incident resolution.
- Creating and distributing security bulletins and alerts containing current information on cyber threats, product vulnerabilities, cyber-security incidents, or other cyber-related information,
- Monitoring, detecting and evaluating cyber-related incidents and threats at national level,
- Resolving cyber-security incidents and their coordination at national level, eliminating their impact, and then restoring the operation of information systems in cooperation with the owners and operators of the systems concerned,
- Strategic analysis of incidents, vulnerabilities and threats at national level,
- Creating background for strategic decision-making on cyber security,
- Security and operational monitoring services,
- Forensic analysis, malware analysis,
- Keeping track of trends in cyber security and new opportunities,
- Increasing cyber security awareness by publishing of articles, knowledge standards, advice and recommendations,
- Sharing information with national and international partners,
- Cyber-security education and training,
On April 1, 2018, went into force The Act No. 69/2018 on Cyber security and on the amendment of certain laws defining the roles, rights and obligations in the field of cyber security. At the same time, this law determines the role of the National Security Authority as the National CSIRT Unit, with this task being performed by the independent unit National Unit SK-CERT.
The National CSIRT Unit, SK-CERT performs various tasks under the law in the Slovak cyberspace:
- fulfills the notification and reporting obligations towards the competent authorities of the European Union and the North Atlantic Treaty Organization, and participates in and supports the development of national and international partnerships in the field of cyber security,
- ensures the membership of the Slovak Republic in the cooperation group and in the network of CSIRT units,
- cooperates with central authorities, other state administration bodies and CSIRT units, basic service providers and digital service providers in the performance of their tasks under this Act,
- systematically acquires, gathers, analyzes and evaluates information on the state of cyber security in the Slovak Republic,
- provides and is responsible for coordinated cyber security incident resolution at national level,
- resolves cyber security incidents, announces a warnings and issues a warning of a major cyber security incident, imposes an obligation to take a reactive action, and approves a security measure,
- announces early warnings,
- receives national reports on cyber-security incidents,
- receives reports on cyber security incidents from abroad and ensures cooperation with international organizations and authorities of other states in dealing with cyber security incidents with a cross-border nature.
The beginning could be marked on May 1, 2009, when a Cyber Protection Department of Information Security and Electronic Signature was created within the organizational structure of the Authority, which included the Department of Computer Security and Incident Response (since 1.1.2011) CS CSIRC Computer Security Incident Response Center). Since its formation, this department has fulfilled the roles of the CSIRT-type unit for the needs of the Authority, the National Contact Point for Cyber Protection to the North Atlantic Treaty Organization, other activities resulting from the Memorandum of Understanding between the Member State (Slovak Republic) and NATO. It was part of the European Warning System NSIAM (as a contact point for the SR), which expired on July 1, 2017.
To support these activities, the Authority has put into operation the first phase of the independent communication tool for the cyber security incident resolving, early warnings and co-operation within the state bodies KIS Apeiron.
The unit was constantly developing its operational activities, which resulted in the Directorial order from March 21, 2014, which commissioned to establish the Security and Operational Monitoring Center SK CSIRC. Its scope (activities) has expanded, including the role of guarantor for cyber security in the National Security Analytical Center. The new unit has regularly begun to publish formalized documents (Bulletin, Appeal, Report, Warning, Flash Report) within the scope of KIS classification and blacklists.
The present time
With regard to the designation of the Authority as The National Authority for Cyber Security, since January 1, 2016, the Authority has established a new specialized unit National Unit SK-CERT. The original CS CSIRC unit has dissolved by incorporation into SK-CERT.
This is also related to the development of partnership with the EU and the European Network and Information Security Agency (ENISA). Since January 1, 2016 the Authority has the position of the National Contact Point for Cyber Security to the European Union. This includes, inter alia, a strong international representation at the level of the working groups of the Council of the European Union and the EU Commission as well as the building of effective partnership with ENISA, in which the representative of the Authority is also a member of the Administrative Board representing the Slovak Republic.
An important SK-CERT milestone was international recognition in the form of Trusted Introducer’s accredited status, as well as membership in the Forum of Incident Response and Security Teams (FIRST). Membership in these organizations is an important aspect for SK-CERT, which supports the activities and tasks of the National CSIRT Unit, international partnerships and also provides access to the latest knowledge in cyber security. By gaining membership in FIRST, SK-CERT became a full member of the international community as a National CSIRT Unit.
Another activity is also a participation in international exercises to check the readiness of CSIRT teams in the technical, procedural and decision-making areas. Such exercises are, for example, Locked Shields, Cyber Coalition (both organized by NATO), Cyber Europe, CyberSOPEX (both organized by ENISA), CyberEx and many others. The National Unit SK-CERT regularly represents Slovakia on these international exercises, while in selected exercises SK-CERT team invites representatives of various other organizations to participate in regards to better co-ordinate and co-operate in dealing with incidents.