The new decree 227/2025 to the Cybersecurity Act changes practice: instead of paperwork, it emphasizes concrete technical measures. How to turn them into reality was demonstrated through examples by Tomáš Antonič from Slovanet: from network protection through incident response to logging and user education. Security, in his view, is not just an obligation but also a competitive advantage.
From the perimeter to endpoints
Slovanet builds network defense, for example, on the Fortinet platform, which combines a firewall, intrusion detection and prevention systems, segmentation, and high availability with unified oversight via FortiAnalyzer. Such solutions make it possible not only to block attacks, but also to see them in real time, track trends, and respond to anomalies. Endpoint protection is provided by CrowdStrike Falcon, a detection and response platform that analyzes workstation behavior and stops an attack before it spreads across the network. Its cloud-native design makes it suitable even for small and medium-sized businesses, which do not have to operate their own servers.
Logs and people make the difference
Audits most often run into shortcomings in logging, not errors with firewalls or updates. Centralized record management via a log manager and FortiAnalyzer ensures collection, retention, and traceability of events, which is crucial for meeting incident reporting obligations and for audit. These services can be subscribed to as a service, so the customer has assurance that logs are securely stored and backed up. The customer also obtains the basis for incident response and long-term security improvement.
Seven out of ten incidents, however, are related to the human factor: phishing, password sharing, or careless clicking. Therefore, Slovanet complements technology with training – live and in the form of e‑learning – tailored to schools, municipalities, healthcare, or manufacturing, and usable also during onboarding. The company points out that it is not only an internet provider, but also offers cloud services and its own data centers. The takeaway of the talk is simple: complying with the law is important, but above all it is about protecting your own investments and reputation.
