Cyber security is a major competency that was assigned to the Authority effective January 1st, 2016. However, the Authority’s activities in this area began long before the official handover date. In February 2009, the Authority was named the NATO contact point and began to shape itself as the national authority vis-a-vis the alliance in this specialised area.
Within efforts to build out its competencies, the Authority regularly participated in international cyber training exercises (Cyber Coalition, Locked Shields and Cyber Europe). Outside of NATO and EU activities, the Authority engaged in the informal Central European Platform for Cyber Security, which brings together security incident response centres in the countries of the Visegrad Four and Austria.
The Slovak government supported the Authority’s ambitions in 2014 with the approval of the Preparations of the Slovak Republic to Fulfil Cyber Defence Tasks document and in particular a year later with the adoption of a key strategic document, the Cyber Security Strategy of the Slovak Republic for 2015 – 2020, which lays out an institutional framework containing the Authority as the central body for cyber security. Specific proposals from the strategy have been transposed into amendments of the Act on Competencies, which resulted in the Authority becoming the central government body for cyber security.
Developments continued in 2016. A second generation Memorandum of Understanding between NATO and Slovakia was signed in January and in March the Slovak government approved the Action Plan for Implementing the Strategy, which defines the methods and tools Slovakia will use to attempt and mitigate the risks and threats originating from cyberspace and adopt legislative, technical and coordinating measures.
The Act on Cyber Security has been already approved by National Council of Slovak Republic (National Parliament) and It will enter into force on April 2018. The aim of the Act is mainly to cover comprehensively cyber and information security, introduce basic security requirements and other measures critical for coordinating the protection of information, communication and management systems. At the same time, the European NIS Directive on network and information security is being transposed into Slovak legislative.