Cybersecurity Becomes a Key Pillar of Social and Economic Stability

“We can’t fix stupidity, but we can prevent it from causing a catastrophe,” said Ira Winkler, a globally recognized cybersecurity expert, whose keynote speech opened the second edition of the Span Cyber Security Arena, one of the largest regional cybersecurity conferences. A former NSA operations officer, Winkler is known for his innovative espionage simulations that have helped major global organizations reinforce their information security. Speaking to the Croatian audience, he emphasized the need to design security systems that account for human error and help prevent or mitigate its consequences.

Another highlight was the presentation by IBM's Martin Svik, who warned that once quantum computers become sufficiently powerful, they could break the encryption that today protects our bank accounts, emails, and state secrets. The conference will also cover increasingly sophisticated tools used by hackers, as well as those aiding defense efforts. On the second day, American cybersecurity expert Andy Thompson will discuss the development of agent-based artificial intelligence that makes autonomous decisions and takes action, playing an ever-greater role in both cyberattacks and defenses.

One of the major topics will be the current geopolitical environment, which increases the risk of cyberattacks targeting critical infrastructure, public services, and essential economic actors. As a member of the EU and NATO, Croatia is an inseparable part of this landscape, making the underestimation of cyber threats no longer an option. Robin Dimyanoglu will address this topic, warning that in cyberspace, there are no longer any neutral observers—if you are not actively prepared, you are a potential target.

Returning to Opatija is Max Schrems, one of last year’s conference highlights. His lawsuit against Facebook in Ireland overturned the legal framework for transatlantic data exchange between companies in the EU and the U.S. This year, he will speak about the future of data protection in the EU and offer guidance on advocating for stronger privacy rights. Alongside technical presentations, the conference will feature Croatian experts in law, regulation, and communications.

“Cybersecurity is no longer a purely technical issue. It is shaped by the socio-political context we live in, while legal and regulatory frameworks help us approach it properly,” says Antonija Vojnović, Governance, Risk and Compliance Department Manager at Span and co-program director of the conference, alongside Span’s CISO Hrvoje Englman.

Adaptation to the new rules introduced by the Cybersecurity Act is already underway. In Opatija, attendees will get additional insights into how its practical implementation will unfold. Nataša Glavor, Assistant Director for the National CERT, will present the national PiXi Platform, the key tool for timely reporting of significant cybersecurity incidents in accordance with the law.

Special attention will be paid to small and medium-sized enterprises, for whom cyber threats are an increasing challenge due to financial constraints and a lack of experts. These companies are increasingly targeted because they serve larger clients and represent weaker security links, providing easier access to more lucrative targets.

Vlatka Marčan, Head of the National Coordination Center for Industry, Technology and Research in Cybersecurity, will introduce the first upcoming national funding call aimed at improving cybersecurity for SMEs and outline other available financing opportunities to boost their resilience.

The Span Cyber Security Arena has already positioned itself as a leading regional conference by addressing this complex topic from multiple angles. In addition to IT, legal, and regulatory perspectives, the event will also explore the communication aspects of cybersecurity, as cyberattacks pose a major reputational risk. Mario Aunedi Medek, partner and managing director at Val Grupa, will discuss cases in which companies’ silence and denial following cyberattacks severely damaged their value, performance, and customer trust.

The key message highlighted on the conference’s first day is that cybersecurity has become a shared responsibility across all sectors and levels of society, requiring collaboration and knowledge exchange. “Cybersecurity is now the heart of every company, and IT experts must sit at the same table with management, legal teams, and compliance officers. They all need to establish a shared language because regulatory pressure is increasing, and the responsibility for security can no longer be assigned to a single function,” said Span CEO Nikola Dujmović at the opening of the conference, which brings together more than 450 attendees in Opatija, making it one of the region’s leading cybersecurity events.