ZoKB 69/2018

ISO 27001

PCI-DSS

ZoKB 69/2018

The Law No. 69/2018 about Cybersecurity is the legislation of the Slovak Republic, that regulates obligations and rules in the field of cybersecurity. Its aim is to protect digital infrastructure from cyber threats and ensure the stability of information systems critical to society.

Main objective of the Law:

Ensuring Cybersecurity:
- Protecting networks, information systems, and data from cyber incidents.
- Minimizing the risk to critical infrastructure.
Implementation of the European NIS Directive:
- The law incorporates the requirements of the NIS Directive (Network and Information Systems Directive), which sets cybersecurity standards within the EU.
Protection of Strategic Sectors:
- Include sectors such as energy, transport, healthcare, water management, banking, financial services, digital infrastructure, and public administration.

Key definitions:

Operator of Essential Services (PZS): An organization or entity providing essential services critical to the functioning of society (e.g., energy, healthcare).
Provider of Digital Services (PDS): An entity providing services such as cloud computing, online marketplaces, or search engines.
Cyber Incident: An event that threatens the confidentiality, integrity, availability, or functionality of information systems.

Main obligations under the Law:

Identification of Essential Services:
Operators of essential services must identify the services covered by the law.
Security Measures:
Ensure appropriate technical and organizational measures to protect information systems.
Incident Reporting:
Obligation to report cyber incidents to the National Security Authority (NBÚ) within a defined timeframe.
Regular Audit and Control:
Operators of essential services must regularly conduct security audits and submit their results to the NBÚ.
Education and Training:
Employees and organizations must be familiar with risks and procedures for handling incidents.

Role of the National Security Authority (NBÚ):

Coordination of cybersecurity:

NBÚ serves as the main authority overseeing compliance with the law.

Prevention and incident response:

Establishment and coordination of the CSIRT.SK (Computer Security Incident Response Team).

Penalties:

NBÚ has the authority to impose penalties for violations of obligations under the law.

Sanctions can be financial (fines up to hundreds of thousands of euros) or non-financial (orders to remedy deficiencies, suspension of operations, etc.).

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by the GDPR Cookie Consent plugin. The cookie is used to store the user's consent for cookies in the "Analytics" category.
cookielawinfo-checkbox-functional	11 months	The cookie is set based on the GDPR cookie consent to record the user's consent for cookies in the "Functional" category.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by the GDPR Cookie Consent plugin. The cookie is used to store the user's consent to the storage of cookies in the "Necessary" category.
cookielawinfo-checkbox-others	11 months	This cookie is set by the GDPR Cookie Consent plugin. The cookie is used to store the user's consent for cookies in the "Other" category.
cookielawinfo-checkbox-performance	11 months	This cookie is set by the GDPR Cookie Consent plugin. The cookie is used to store the user's consent for cookies in the "Performance" category.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether the user has consented or not to the use of cookies. It does not store any personal data.

The most widespread and respected standards in one tool.

Main objective of the Law:

Key definitions:

Main obligations under the Law:

Role of the National Security Authority (NBÚ):

Book an online consultation

Fill out the form, we will contact you soon.