The National Cyber Security Council adopted at its session on 18 May 2017 a decision on the establishment of a Council working group for the implementation of the NIS Directive. The Council working group will be composed of the state authority representatives (according to their respective sectors), the representatives of the relevant regulatory agencies and the representatives of the sectors covered by the NIS Directive. The Council working group will make proposals for the drafts of legal acts and subordinate legislation stipulating the responsible national-level and sector-level authorities, the work of the CERT authorities and prescribing the minimum security standards and obligations of reporting in case of major incidents. The implementation of the Directive will lead to more security of the key services in the defined sectors (energy, transport, banking, financial market infrastructures, healthcare sector, water supply and distribution, digital infrastructure) and thus all the other processes relying on such services. The Directive also contains recommendations for digital service providers (Internet market, Internet search engines, Cloud computing services) that need to be aligned among the Member States.
The Republic of Croatia is required to align its legal framework with the Directive by 10 May 2018 and transposition the provisions including the establishment of an initial list of identified operators of the key services in the seven required sectors by 10 November 2018.
The text of the Directive is available at: