The cybersecurity regulatory landscape in the EU and Croatia is evolving rapidly. The NIS2 Directive, the Cyber Resilience Act (CRA), the Croatian Cybersecurity Act, and associated implementing regulations introduce significant new obligations for organisations and their governing bodies. At Cyber Security d.o.o. we help you comply — efficiently and without unnecessary operational burden.
Our structured, results-oriented approach covers:
- Assessment of current compliance status through a gap analysis against NIS2, the CRA, and national regulations
- Alignment with the Croatian Cybersecurity Act and relevant secondary legislation
- Identification of key risks and definition of priority security measures
- Establishment of an information security and risk management system (ISMS / GRC)
- Definition and implementation of policies, procedures, and security controls
- Setup of incident management, reporting, and business continuity processes
- Supply chain security in accordance with NIS2 and CRA requirements
- Training of management and employees on regulatory obligations and responsibilities
We pay particular attention to connecting the requirements of different regulatory instruments (NIS2, CRA, the Croatian Cybersecurity Act, and its implementing regulations) with existing standards such as ISO 27001 — avoiding duplication of effort and optimising the overall implementation.