National CERT

Cyber security incidents are reported to the National CERT when one of the parties involved in the incident is located in Croatia; that is, they are in the .hr domain or Croatian IP address range

National CERT ( is a department within Croatian Academic and Research Network—CARNET which was established on 30 October 2007 in accordance with the Information Security Act of the Republic of Croatia as a national body for prevention of and protection from cyber threats to the security of public information systems in the Republic of Croatia. The department’s main task is handling cyber security incidents to preserve cyber security in the Republic of Croatia. department handles incidents if one of the parties involved in the incident is in the Republic of Croatia; that is, if it is in the .hr domain or Croatian IP address range, excluding state administration bodies, which fall under the jurisdiction of the Information Systems Security Bureau (ZSIS).
Furthermore, pursuant to the Act on Cybersecurity of Operators of Essential Services and Digital Service Providers, the National CERT handles significant incidents in the fields of banking, financial market infrastructure, digital infrastructure, part of business services for public authorities and digital service providers.
In the field of cybersecurity in Croatia, cooperates with nationally relevant bodies and participates in the activities of bodies founded under the National Cyber Security Strategythe National Cyber Security Council and the Operational and Technical Cyber Security Coordination Group.
In addition to monitoring the implementation of the Strategy and its Action Plan, these inter-ministerial bodies are entrusted with certain tasks related to management of cyber crises. 

Services services are available to the general public. The operation of is partially funded by the Ministry of Science and Education, and partially by the European Union through various EU projects. implements proactive and reactive measures within its activities.

Proactive measures:
Reactive measures:
National CERT engages with its resources in helping to resolve significant incidents that are defined according to the following priorities:
  1. Incidents that pose a threat to human lives
  2. Incidents that have a significant pursuant to the Act on Cybersecurity
  3. Incidents affecting a larger number of users
  4. New types of threats to computer security
  5. Other incidents.

Other tasks fall within the competence of other authorities or users themselves:
  • Operational troubleshooting and safety concerns of individual systems
  • Punishment of malicious users
  • Arbitration in disputes
  • Bringing criminal charges.

The National CERT’s website includes security notifications which provide useful tips and recommendations to users regarding protection from security incidents. The National CERT also publishes news from the field of information security and disseminates up-to-date information for the purpose of educating the general public and raising awareness of the importance of information security

National CERT
You can report an incident to the National CERT via the contact information provided on the links below:
National CERT contact information

National cybersecurity incident taxonomy

The National cybersecurity incident taxonomy has been developed pursuant to the Action Plan for the Implementation of the National Cyber Security Strategy, within the framework of the GrowCERT project. The taxonomy is a result of cooperation between the Information Systems Security Bureau (ZSIS) and the National CERT, while its implementation has been supported by a task force comprised of representatives of authorities from various fields; the Croatian Regulatory Authority for Network Industries, Croatian National Bank, Ministry of Defence, Ministry of the Interior, Croatian Financial Services Supervisory Agency, as well as experts from the Faculty of Electrical Engineering and Computing and the Faculty of Organization and Informatics.

National cybersecurity incident taxonomy