Financial Crime World

Cybercrime in Finance Industry: Croatia Struggles to Keep Pace

Croatia, a growing economy with increasing reliance on digital technologies, is facing a rising tide of cybercrime. With a population of over 4 million and an internet penetration rate of 66.75%, the country’s financial sector is particularly vulnerable to attacks.

The Croatian government has taken steps to address cybersecurity concerns through legal measures. The Criminal Law, enacted in January 2013, specifically addresses cybercrime. Additionally, various regulations and laws have been implemented, including:

  • Law on Information Security
  • Law on Protection of Personal Data
  • Law on Electronic Documents

Technical Measures

Croatia has an officially recognized national CERT (Computer Emergency Response Team), which processes incidents on the internet and provides incident response services to government agencies, local authorities, and private organizations. The country also has a government CERT responsible for:

  • State authorities
  • Legal persons with public authorities
  • Individuals handling classified information

Organizational Measures

The Office of the National Security Council is responsible for preparing a national cybersecurity strategy, while the Information Systems Security Bureau and the Croatian Regulatory Authority for Network Industries are involved in the development of sector-specific frameworks. However, Croatia lacks:

  • A national governance roadmap for cybersecurity
  • Benchmarking exercises to measure its progress

Capacity Building

The country’s capacity building efforts are limited, with no officially recognized national or sector-specific research and development programs for:

  • Cybersecurity standards
  • Best practices
  • Guidelines

The national CERT provides presentations and documents on cybersecurity threats and awareness campaigns, while the Center for Information Security offers training and certification programs.

Cooperation

Croatia cooperates closely with international organizations such as ENISA (European Network and Information Security Agency), participating in various initiatives to address network and information security issues. The country is also a member of:

  • ITU-IMPACT initiative
  • Accesses relevant cybersecurity services

Child Online Protection

Croatia has specific legislation addressing child online protection, including Articles 163-165 of the Criminal Code. The country has also ratified:

  • Convention on the Rights of the Child
  • Optional Protocol to the Convention on the Sale of Children, Child Prostitution and Child Pornography

Despite these efforts, Croatia’s financial sector remains vulnerable to cyber threats. As the country continues to digitalize its economy, it is crucial that the government and private organizations work together to strengthen cybersecurity measures and protect against emerging threats.