The Regulatory Authority for Electronic Communications and Postal Services (RATEL) – National CERT and the Serbian National Internet Domain Name Registry Foundation (RNIDS) co-hosted, on October 23, 2024, the second joint conference dedicated to cyberesecurity, offering a comprehensive insight into the current topics, initiatives and activities that help raise awareness about online threats, ways of protection and safer use of the Internet.  

The conference was opened by Duško Kodžić, director of the Cyber Security and IT Department of RATEL. Addressing to the participants, he highlighted the fact that during 2023 an increase by 40% of the reported incidents to the National CERT was recorded, with the trend continuing in 2024 as well. He explained that one of the reasons for the surge in the number of incidents is the sophistication of the preparation and execution of AI-assisted cyber attacks. Therefore, in the aim of ensuring an enhanced level of security, a continuous effort is needed in three basic segments, namely: the people, the processes and the technologies.

Dejan Đukić, director of the Serbian National Internet Domain Name Registry Foundation (RNIDS), said that cyber security must be in the general focus and that system maintenance and security measures need to be constantly kept on a high level, users’ security continuously monitored and education prioritized, asserting that this conference represents one of the ways to appropriately educate the public.

During the introductory address, the attendees were greeted by Nikola Bićanin, Deputy Minister for Information Society and Cybersecurity, Ambassador Jan Braathu, Head of the OSCE Mission to Serbia and Plamena Halacheva, Deputy Head of the EU Delegation to Serbia.

The greeting speech segment was followed by two presentations about new regulations aiming to further improve the security in cyberspace, where Pauline Malek, NCSC Netherlands, EU Cyber Balkans Project, explained various NIS2 Directive implementation levels in the EU countries. Representative of the Ministry of Information and Telecommunications, Milan Vojvodić, held a presentation titled „Draft Law on Information Security and the 2024-2026 Action Plan for the Realization of the Strategy for the Development of Information Society and Cybersecurity in the Republic of Serbia for 2021-2026”.

The above topic was discussed at the panel gathering domestic and foreign cybersecurity experts  moderated by Dejan Đukić, director of RNIDS. The panellists suggested the most probable challeneges while transposing the NIS2 Directive into national legislations, what kind of problems are expected to be faced by the economy and CERTs on one hand and what type of challenge is likely in front of the legislator, on the other.

In a follow-up, dr Marko Krstić, Head of the Cybersecurity and National CERT Affairs Division, talked about the National CERT’s ongoing activities, explaining the organization’s competencies and future plans.

An insight into the theme attracting a growing interest among the experts – Coordinated Vulnerability Disclosure, the role and situation of researchers and institutions in the process of alerting about the threats and their elimination, was provided by the collocutors of moderator Daniela Andrović (National CERT), that presented this topic from the researchers’, manufacturers’ and users’ point of view. The conference participants were able to get informed about an online training prepared as part of the activities titled "OSCE cyber/ICT security Confidence-Building Measure", the application of good practices in the Netherlands and the process of reporting the detected vulnerabilities.

As 70% of the Internet subscribers in Serbia use social networks, the next panel was reserved for discussions about a vast array of threats stemming from the latter, both in the context of platforms’ liability and the responsibility of users. Dijana Milutinović of RNIDS talked to experts who pointed to current threats, inadequate sanctions prescribed to penalize the platform owners, importance of the continuous education of users, including other legal measures still insufficient to equal the power of a single user ready to click on an unsecured link.

Representatives of the Cybersecurity Network Foundation spoke about two significant projects realized in the area of cybersecurity capacity building – Cyber Hero and competition 9/12, pointing out the importance of personal development and motivation of the young population.

The National Cyber Conference footage can be viewed on the following link.