Zagreb - Irena Petrijevčanin, State Secretary at the Ministry of the Interior, said in Parliament on Friday that the majority of current threats to critical infrastructure are cyber threats, emphasising the importance of strengthening the resilience of key sectors.
Presenting the Critical Infrastructure Bill, Petrijevčanin explained that the proposal aligns with the EU's Critical Entities Resilience Directive of 14 December 2022, which regulates the protection of critical infrastructure from threats and strengthens the resilience of key sectors such as energy, transport and healthcare.
Highlighting the importance of cooperation and exchange between EU member states, she added that the proposed law aims to bolster resilience in the energy, healthcare, banking, transport and financial markets, as well as in the protection of water intended for human consumption, wastewater, and protective structures for flood defence, fire protection and the like.
She also noted that the bill designates the Ministry of the Interior, as the government body responsible for civil protection, as the coordinating body for critical infrastructure protection. It sets out the principles for the protection of critical infrastructure, outlines the procedures for identifying and certifying critical entities, and more. The bill also correlates with the Cybersecurity Act, overseen by the Security and Intelligence Agency (SOA).
Both the ruling coalition and the opposition welcomed the adoption of the bill and its alignment with the EU Directive. However, SDP MP Ranko Ostojić warned about the need to prepare citizens for events like those that occurred at Chernobyl last night.
Last night, a Russian drone, carrying an explosive warhead, hit the shield protecting the world from radiation at the destroyed fourth reactor of the Chernobyl nuclear power plant. "Where is your mask? Of course, you don't have one, and you don't know where to get it. Neither the institutions know, nor have they prepared a plan for its procurement," he said.
Loris Peršurić (Istrian Democratic Party) pointed out that the entire electrical grid of Istria depends on a single power line that runs over Mount Učka. He believes this critical infrastructure should not rely solely on one source and called for investment to ensure Istria has enough electricity.
Rada Borić (We Can!) remarked that while the bill strengthens the resilience of infrastructure, it does not sufficiently consider the ecological aspect, as resilience to climate change is only briefly mentioned. "It should be clearly defined how entities must reduce their ecological footprint and adapt to extreme weather conditions," she said.
She also warned that critical infrastructure is in the hands of private companies, including in energy and digital communications. She believes this could jeopardise citizens' digital sovereignty, recalling the cyber attack on Zagreb's KBC Rebro hospital, where hackers took sensitive patient data and paralysed the healthcare system.
Marijana Puljak (Centre) also recalled cyberattacks on KBC Rebro, the Croatian Financial Services Supervisory Agency (HANFA), and incidents in the Ministry of Finance and the Tax Administration. "These examples show that state institutions are not prepared to respond to modern cyber threats," she cautioned.