The European Court of Auditors (ECA) in cooperation with the EU supreme audit institutions (SAIs) issued a review of audit work on cybersecurity. The Compendium was published in English at the end of last year, now it is available on the ECA website in 23 languages, also in Slovenian. The Compendium draws on the results of selected audits carried out by 12 SAIs and the ECA which were published between 2014 and 2020.
The third Compendium is dedicated to cybersecurity, a topic which was already critical for our societies before COVID-19 pandemic. Protection of the critical information systems and digital infrastructures against cyberattacks has become an ever-growing strategic challenge for the EU and its Member States. The question is no longer whether cyberattacks will occur, but how and when they will occur. This concerns us all: individuals, businesses and public authorities. EU SAIs and the European Court of Auditors have therefore geared up their audit work on cybersecurity, with a particular focus on data protection, system readiness for cyberattacks, and the protection of essential public utilities systems.
The Compendium includes basic information on cybersecurity, key strategic initiatives and relevant EU legal bases. It also illustrates the main challenges the EU and its Member States are facing, such as threats to individual EU citizens' rights through misuse of personal data, the risk that institutions are not being able to deliver essential public services or facing limited performance following cyberattacks.
The Court of Audit of the Republic of Slovenia, that did not actively participate in the development of the Compendium as it coincided with the audit implementation, at the beginning of March 2021 issued an audit report Efficiency of ensuring cybersecurity in the Republic of Slovenia where it assessed that ensuring cybersecurity in the Republic of Slovenia in the period from the beginning of 2016 to 30 September 2019 was not efficient. More details are available on the website where the infographic and the audit report are presented.