The Government of the Republic of Serbia adopted the Draft Law on Information Security on June 21, marking a significant step forward in establishing an information security management system in Serbia.
The amendments to the law primarily address the following:
- Classification of operators based on criticality
- Strengthening the role of CERTs
- Enhanced oversight of the implementation of provisions and penalties
- Introduction of obligations related to risk assessment and risk management
- Expansion of scope to industries such as energy and mining, transport, banking, financial markets, healthcare, etc.
The new law aims to align with the EU legal framework, specifically the NIS2 Directive.
At our company, we believe that digital security is a matter of broad social importance, and that a safer environment begins with open dialogue.
If you have any questions, uncertainties, or concerns regarding the changes in the new law – feel free to contact us.
Our services can help your company:
- Establish an information security management system
- Draft a Security Act
- Conduct a risk assessment
- Develop policies and procedures required by the Security Act
- Create an information system security improvement plan
