In order to strengthen cybersecurity in Latvia and
implement the requirements of the revised European Union Network and
Information Systems Security Directive (NIS2, https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32022L2555&qid=1725010616581),
the National Cybersecurity Law (NCSL, https://likumi.lv/ta/id/353390),
developed by the Ministry of Defense, came into force on September 1st.
The entry into force of the NCSL has introduced changes to the cybersecurity governance model, including the launch of a new institution—the National Cybersecurity Centre. Compliance with cybersecurity requirements now applies to a broader range of companies, and the cyber incident response body, CERT.LV, has been assigned new responsibilities.
While several NCSL-related regulations are still being developed, the work of strengthening infrastructure security must continue. We will discuss the cyberattacks in Latvia in 2024 and focus on the most pressing IT security threats. Drawing on our experience, we will highlight the most significant risks and outline our vision for the necessary tasks in the near future, both for those already collaborating with CERT.LV and for those who have yet to engage with us.
Gints Mālkalnietis
IT drošības speciālists, Latvija
CERT.LV IT Security Specialist with extensive experience in handling various cyber incidents. He has been an expert invited by the State Police in criminal cases involving cyber components.
Before joining the CERT.LV team, he worked at LMT Security Service and Aizkraukle Bank.
Sanita Vītola
IT drošības speciāliste, Latvija
CERT.LV IT Security Specialist with many years of experience in IT security management, ICT auditing, business process and system analysis.
Before joining the CERT.LV team, she worked at PwC and TietoEnator Alise SIA.