SK@UT

1. What is SK@UT?

SK@UT is the national system for detecting cybersecurity threats and protecting the cyber environment through a distributed network of sensors and cybersecurity tools.

The objective of building the SK@UT system is to protect the national cyber environment and to enhance national capabilities for the timely detection, early warning, and protection against state-sponsored and Advanced Persistent Threat (APT) cyber attacks as well as other cyber threats.

2. Who is SK@UT intended for?

The SK@UT system is primarily intended to protect key parts of the state information infrastructure.

Under the Cybersecurity Act, SK@UT is listed as one of the voluntary cybersecurity protection mechanisms, and other legal entities in the Republic of Croatia whose business disruption caused by a cyber attack would have consequences for Croatian society and the economy may also voluntarily join the SK@UT system.

3. Is there an obligation to use the SK@UT system?

SK@UT is mandatory only for ministries and other government authorities, based on a criticality assessment conducted by the National Cyber Security Centre (NCSC-HR). There is also the possibility of voluntary participation by socially important economic entities, regardless of their ownership structure, and solely at their request.

4. How to join the SK@UT system?

To ba able to join the SK@UT system, it is necessary to submit an application to the NCSC-HR, after which NCSC-HR conducts a criticality assessment of the legal entity and makes a decision on approving the application.

5. How does SK@UT protect against cyber attacks?

Through a distributed network of sensors and cybersecurity protection tools, the SK@UT system helps with the detection, early warning, and protection against cyber attacks.

6. What data does the SK@UT sensor have access to?

The SK@UT sensor has access to a portion of the network traffic of the entity it protects. Each entity participating in SK@UT, including both private and public organizations, is aware of and independently decides which data the SK@UT sensor may access.

In addition, each entity can independently access the SK@UT system’s user interface; in this way, SK@UT serves as a complement to other security systems and enhances the cybersecurity protection capabilities of each entity within the system.

7. How does the SK@UT sensor differ from commercial cyber attack detection systems?

The SK@UT sensor operates in a manner similar to commercial solutions, with the added value that information obtained through international cooperation, as well as through investigations and analyses conducted by NCSC-HR, is also used to detect cyber attacks.