Currently, there is still no consolidated quantitative method for assessing the state of cyber security. A harmonized metric is also absent in the EU. The consequence of this is the fact that uniformly applied strategic planning in the field of protection of information assets is at a low stage of maturity. A certain change can be expected from the new reporting obligations that will result from the approved NIS2 directive. For now, the only objective source of quantitative research data on the state of cyber security in the Slovak Republic is the performance of an audit according to § 29 of Act no. 69/2018 Coll. on cyber security. As for qualitative sources, only the method of statistical surveys is available. The lecture summarizes the current level of cyber security in the Slovak Republic, compared to the results from the previous year.