Networks and services security

Adequate network and information security are vital for the normal functioning of the economy and the development of society. Interruptions or degradation of electronic communications services due to malicious acts, natural disasters, system or human error can have a critical impact on the functioning of the information society. The European Electronic Communications Code (EECC) has brought about a number of legislative changes and amendments in the field of electronic communications, while at the same time unifying the field across the EU. One of the important orientations of the EECC is the commitment to ensure the adequate security and integrity of networks and services. Slovenia has transposed the EECC into the national framework under the Electronic Communications Act (ZEKom-2).

In the area of security, Directive (EU) 2022/2555 (the so-called NIS 2 Directive) was also adopted and transposed into Slovenian law in 2025 through the new Information Security Act (ZInfV-1). This amended the chapter of the ZEKom-2 on network and service security and operation in emergencies and deleted individual articles of the ZEKom-2, thereby transferring part of the competences from the Agency to the Slovenian Government Office for Information Security (URSIV).

Thus, in the area of network and service security and emergency response, the Agency retains, inter alia, the power to enable an operator, at its request, to carry out an audit of the security of networks and services, including the associated information systems. The Agency continues to monitor the business continuity obligations of operators in the event of a threat - they must ensure the uninterrupted operation of networks critical to the national security and emergency communications system and support the operation of critical infrastructure, essential service providers and public administration bodies.

You can read more about network security on the following pages:

• ECASEC Working Group Portal

• Abuse and intrusion of private branch exchanges (PBXs) and necessary measures

• SI-CERT

• Web Eye

• Stay safe online

Recommendations:

• ENISA Indispensable baseline security requirements for the procurement of secure ICT products and services

• ENISA Technical Guideline on Security Measures

• ENISA Guideline on Security Measures under the EECC

• ENISA Technical Guideline on Incident Reporting

• ENISA Security aspects of virtualization

• ENISA Threat Landscape for Supply Chain Attacks

• ENISA Signalling Security in Telecom SS7/Diameter/5G

• ENISA 7 Steps to shore up the Border Gateway Protocol (BGP)

• ENISA Cyber Threats Outreach In Telecom

• ENISA Security Controls Matrix

5G network security:

• European Commission: Cybersecurity of 5G networks - EU Toolbox of risk mitigating measures

• European Commission: EU-wide coordinated risk assessment of 5G networks security

• ENISA 5G Supplement - to the Guideline on Security Measures under the EECC

• ENISA Threat Landscape for 5G Networks Report

• ENISA Security in 5G Specifications - Controls in 3GPP

• ENISA Threat Landscape and Good Practice Guide for Software Defined Networks/5G