An overview of the state of information security in Croatia

"COVID-19 showed us how blind we can be if we do not test regularly or do not have the technical or human ability to recognize the incident. It also showed us how quickly and exponentially the problem can grow if we do not react in time," said Vlatko Kosturjak. CTO, Diverto.

The latest period was marked by the hyperproduction of application solutions, with many companies ignoring the need for risk analysis. This has led to the emergence of some vulnerable applications that do not protect business and personal data in an acceptable way. Most of these vulnerabilities relate to applications that require the transfer of user documentation to service providers.

We are witnessing an increase in the likelihood of events such as fires, floods or the collapse of buildings. The traditional strategy for responding to earthquake risks, for example, is the partial transfer of risk to a third party (the insurer), that is, the contracting of fire and related risk insurance policies. The earthquake, in addition to the situation related to the COVID-19 virus pandemic, is only a reminder of the importance of systematic maintenance and testing of realistic business continuity plans.

The sudden shift to increased workload from home, as well as work in unpredictable situations, has shown how important human readiness and awareness are in maintaining an acceptable level of information security. In organizations where there is insufficient awareness of the importance of information security, it is more difficult to implement the necessary measures during unforeseen or crisis situations.

The full overview of the recommendations of Diverto, one of the leading companies in the field of information security, can be downloaded (Croatian) here.