On October 17, 2025, the Croatian Transport Law Association, in cooperation with Span, a leading Croatian IT company, held a roundtable discussion on the Regulation on Cybersecurity in the Transport Sector. This event was held as a continuation of last year’s roundtable discussion on the Cybersecurity Act.
Vedran Benić, Span’s senior information security advisor, gave an introductory presentation on the existing legal framework, emphasizing the government regulation, a recent piece of legislation introducing concrete cybersecurity measures with which entities classified as essential and important must comply.
This was followed by a roundtable discussion featuring: Filip Barišić from the Cybersecurity Center of the Croatian Security and Intelligence Agency (SOA); Goran Kapić, CISO at Plinacro; and Dr. Natalija Parlov Una, a CQI/IRCA-accredited lead tutor for ISO 27001/ISO 22301 from Apicure CERT. The panelists engaged in a lively conversation about the new regulation’s requirements, previous practical experiences, and anticipated challenges in implementing the new framework. They gave special attention to the challenges posed by the shortage of cybersecurity experts and the need for a long-term commitment to cybersecurity objectives within the management structures of essential and important entities.
Mr. Barišić also offered valuable insights and predictions about the future actions of supervisory authorities from the SOA’s perspective as the primary supervisory body.
Dejan Grahovac, Deputy Director of the Croatian Civil Aviation Agency, was unable to participate in the roundtable discussion; however, readers will have the opportunity to read his responses to questions that were not addressed at the event in an upcoming issue of Transporter.
Antonija Vojnović, Head of the Governance, Risk, and Compliance Department at Span, moderated the roundtable. We are pleased that, despite the serious and challenging topic, the participants maintained a humorous and optimistic tone.
- ©Photo: SPAN 2025