CSIRTs and CERTs
1. Cybersecurity
Information and data represent considerable economic and political potential. Information, as both raw data and dataflow, can determine not only the existence or non-existence of an individual or company but also, by its nature, influence global development.[1]
We need to realise that the more we depend on information and communication technologies[2], and the more data these technologies collect and share about us, the more vulnerable we become.
Many of the consequences caused by cyberattacks, human recklessness or ignorance can be avoided if the basic principles of cybersecurity are followed.[3]
Cybersecurity is in essence an ever-evolving and changing process that is dependent on a number of variables. These variables can be the data or the ICT elements themselves, which are the subject of protection, custom-set processes and their revisions, etc. However, the most important element is the user (whether end user or administrator) who applies the elements of cybersecurity.
It is here that you will run into a theoretical stumbling block: you will be given the information, instructions and procedures that we have adopted and tested in good faith. What will be presented here is our view on the issue of cybersecurity and the processes associated with it. These instructions, procedures and recommendations work for us, but they may not work for you. In the actual implementation of any security procedures, it is good to build on certain proven recommendations, but above all it is beneficial to tailor, modify or change these procedures depending on the specific conditions of either the individual user or the organisation.
The EU Network and Information Security Directive (NIS Directive) aims to create a CSIRT Network “to contribute to developing confidence and trust between the Member States and to promote swift and effective operational cooperation”.[1] The Directive states that each Member State shall designate one or more CSIRTs which shall comply with the requirements set out in the Directive’s point (1) of Annex I (requirements), covering at least the sectors referred to in Annex II and the services referred to in Annex III, responsible for risk and incident handling in accordance with a well-defined process. The Directive gives high-level requirements that designated CSIRTs must observe, and tasks that they must perform.[4]
[1] See information on influencing the presidential elections in the USA (2016) and France (2017). For more details, see e.g.:
Tajné služby: Kampaň, která měla ovlivnit prezidentské volby v USA, nařídil Putin. [online]. [cit. 29/06/2017]. Available from: http://www.ceskatelevize.cz/ct24/svet/2005207-tajne-sluzby-kampan-ktera-mela-ovlivnit-prezidentske-volby-v-usa-naridil-putin
Macronův volební štáb napadli hackeři, tvrdí japonská protivirová firma. [online]. [cit. 29/06/2017]. Available from: http://zpravy.idnes.cz/macron-utok-hackeri-trend-micro-d3b-/zahranicni.aspx?c=A170425_071554_zahranicni_san
[2] Hereinafter referred to as ICT.
[3] WannaCry se neměl vůbec rozšířit. Stačilo, abychom používali Windows Update. [online]. [cit. 27/06/2017]. Available from: https://www.zive.cz/clanky/wannacry-se-nemel-vubec-rozsirit-stacilo-abychom-pouzivali-windows-update/sc-3-a-187740/default.aspx