Slovenian Computer Emergency Response Team SI-CERT is the national CSIRT of Slovenia, a response center for handling incidents in electronic network and information security in accordance with the Article 59 of  Information Security Act (ZInfV-1).

SI-CERT is the designated national computer security incident response team (CSIRT) operating within the ARNES (Academic and Research Network of Slovenia) public institute. In accordance with the tasks and responsibilities defined by the Information Security Act, SI-CERT monitors incidents at the national level, provides early warning, alerts, announcements and disseminates information on risks and incident to relevant stakeholders. It also responds to security incidents and provides risk and incident analysis and situational awareness. SI-CERT is also designated as a coordinator for the purposes of coordinated vulnerability disclosure under the NIS2 Directive. 

SI-CERT offers assistance in computer and network security incident handling and provides incident coordination functions for all incidents involving systems and networks located in Slovenia, with the exception of government networks. In various ways SI-CERT helps raising awareness on issues of network and information security and provides advisories and alerts to the general public.

Its constituency includes essential and important entities under the Information Security Act, as well as entities providing domain name registration services, except for public administration entities at the state and local level and qualified trust service providers operating on behalf of state administration entities.  All obliged entities under the Information Security Act are required to report incidents above a certain threshold.

The constituency includes extended networks and users located in Slovenia, with voluntary incident reporting. SI-CERT constituency does not include government networks and systems which have to be reported to SIGOV-CERT, the Slovenian government CSIRT.

In accordance with the EU regulation DORA (Digital Operational Resilience Act) financial entities are required to report major ICT-related incidents to the competent authorities. The competent authority shall, in a timely manner, provide details of the major ICT-related incident to the designated CSIRT SI-CERT.

Additionally, in accordance with Article 23 of Personal Data Protection Act (ZVOP-2), the provisions on security requirements and incident reporting laid down in the Information Security Act shall also apply to specified information systems.

SI-CERT also independently runs the national awareness programme Safe on the Internet, which focuses on information security, and participates in the SAFE-SI project.

The SI-CERT services are available to the general public. SI-CERT is financed by the Government Information Security Office, the competent national authority for cybersecurity in Slovenia.

For detailed information regarding SI-CERTs’ activities please refer to the RFC 2350-compliant specification.

International cooperation

SI-CERT is a member of the CSIRTs network under the NIS/NIS2 directive, the global Forum of Incident Response and Security Teams (FIRST), the CERT/CC National CSIRT community, the TF-CSIRT working group, and a member of Global Cyber Alliance. It is also accredited under the Trusted Introducer programme.