{"id":4967,"date":"2026-07-02T22:09:37","date_gmt":"2026-07-02T20:09:37","guid":{"rendered":"https:\/\/publicfinance.undp.sk\/?p=4967"},"modified":"2026-07-02T22:19:56","modified_gmt":"2026-07-02T20:19:56","slug":"cybersecurity_interview-miroslav-pikus","status":"publish","type":"post","link":"https:\/\/publicfinance.undp.sk\/en\/2026\/07\/02\/cybersecurity_interview-miroslav-pikus\/","title":{"rendered":"Digitalization without security creates risks rather than value (Miroslav Pikus)"},"content":{"rendered":"<div class=\"wpb-content-wrapper\"><p>[vc_row][vc_column][vc_column_text]<\/p>\n<h3><strong><span class=\"TextRun SCXW267822640 BCX0\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW267822640 BCX0\">A Slovak cybersecurity expert examines how rapidly evolving digitalization is reshaping cybersecurity risks<\/span><span class=\"NormalTextRun SCXW267822640 BCX0\">\u00a0<\/span><span class=\"NormalTextRun SCXW267822640 BCX0\">in the Western Balkans and Moldova<\/span><span class=\"NormalTextRun SCXW267822640 BCX0\">.<\/span><\/span><span class=\"EOP Selected SCXW267822640 BCX0\" data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/strong><\/h3>\n<h3><!--more--><\/h3>\n<p><span data-contrast=\"auto\">Cybersecurity has become a defining issue of digital transformation, where rapid connectivity, critical infrastructure, and national security\u00a0are increasingly intersected.\u00a0<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">In this interview, Miroslav Pikus, a cybersecurity expert working on a regional project implemented by UNDP\u00a0with the support of\u00a0the Ministry of Finance of Slovakia,\u00a0reflects on the key challenges facing the Western Balkans and Moldova. He also shares lessons that can be drawn from Slovakia\u2019s experience in building digital security capacity.<\/span><\/p>\n<div class=\"coh-wysiwyg ssa-component coh-component ssa-component-instance-818f8ada-07a1-490d-8fbc-b4996b02d0e9 coh-component-instance-818f8ada-07a1-490d-8fbc-b4996b02d0e9\"><\/div>\n<div class=\"coh-wysiwyg ssa-component coh-component ssa-component-instance-4cfe6197-1e61-4c51-a288-6f90ca223430 coh-component-instance-4cfe6197-1e61-4c51-a288-6f90ca223430\">\n<div class=\"coh-wysiwyg ssa-component coh-component ssa-component-instance-5300a724-c2df-43ea-84b4-7ee8e5f80dd0 coh-component-instance-5300a724-c2df-43ea-84b4-7ee8e5f80dd0\">\n<div id=\"attachment_4968\" style=\"width: 910px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-4968\" class=\"wp-image-4968 size-large\" src=\"https:\/\/publicfinance.undp.sk\/wp-content\/uploads\/2026\/07\/Miroslav-Pikus_UNDP-Cybersecurity-consultant-1024x768.jpeg\" alt=\"\" width=\"900\" height=\"675\" srcset=\"https:\/\/publicfinance.undp.sk\/wp-content\/uploads\/2026\/07\/Miroslav-Pikus_UNDP-Cybersecurity-consultant-1024x768.jpeg 1024w, https:\/\/publicfinance.undp.sk\/wp-content\/uploads\/2026\/07\/Miroslav-Pikus_UNDP-Cybersecurity-consultant-300x225.jpeg 300w, https:\/\/publicfinance.undp.sk\/wp-content\/uploads\/2026\/07\/Miroslav-Pikus_UNDP-Cybersecurity-consultant-768x576.jpeg 768w, https:\/\/publicfinance.undp.sk\/wp-content\/uploads\/2026\/07\/Miroslav-Pikus_UNDP-Cybersecurity-consultant-1536x1152.jpeg 1536w, https:\/\/publicfinance.undp.sk\/wp-content\/uploads\/2026\/07\/Miroslav-Pikus_UNDP-Cybersecurity-consultant-2048x1536.jpeg 2048w\" sizes=\"(max-width: 900px) 100vw, 900px\" \/><p id=\"caption-attachment-4968\" class=\"wp-caption-text\">Miroslav Pikus, UNDP cybersecurity consultant<\/p><\/div>\n<p><b style=\"background-color: transparent;\"><span data-contrast=\"auto\">What is the role of cybersecurity in today&#8217;s broader security environment?<\/span><\/b><\/p>\n<p><span style=\"background-color: transparent;\" data-contrast=\"auto\">For centuries, security mostly meant defense\u00a0&#8211;\u00a0protecting borders, people, and physical infrastructure, the domain of national security. As information itself became critical to how states and\u00a0organizations\u00a0function, information security\u00a0emerged\u00a0to protect it, and cybersecurity grew out of that field to address the risks created by our growing reliance on software and networks.<\/span><\/p>\n<p><span style=\"background-color: transparent;\" data-contrast=\"auto\">Cybersecurity is what keeps that invisible layer trustworthy. It is like\u00a0the immune system of a digital society: when it works, nobody notices it; when it fails, everything else fails with it.<\/span><span style=\"background-color: transparent;\" data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559738&quot;:120,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<\/div>\n<div class=\"coh-container ssa-component coh-component ssa-component-instance-cf7cff2d-6f10-4d76-865f-4464b01ca065 coh-component-instance-cf7cff2d-6f10-4d76-865f-4464b01ca065 coh-style-margin-bottom-small\">\n<div id=\"main-slider-1\" class=\"coh-slider-container coh-slider-container-bleed-xl coh-slider-container-overflow-hidden-xl coh-slider-container-nav-inside-middle-left-right-xl coh-slider-container-pager-outside-bottom-middle-sm coh-style-image-thumbnail-carousel-style coh-ce-cpt_image_thumbnail_carousel_3-4d540297\" role=\"region\" data-once=\"coh-slider-container-init\">\n<div class=\"coh-slider-container-mid\">\n<div class=\"coh-slider-container-inner slick-initialized slick-slider\" style=\"box-sizing: border-box; margin: 0px; padding: 0px; border: 0px; outline: 0px; vertical-align: baseline; background: transparent; overflow-wrap: break-word; position: relative; display: block; user-select: none; touch-action: pan-y; -webkit-tap-highlight-color: transparent; overflow: hidden; visibility: visible;\" data-coh-slider=\"{ &quot;arrows&quot; : false, &quot;counter&quot; : false, &quot;counterClass&quot; : &quot;coh-slide-count &quot;, &quot;dots&quot; : false, &quot;dotsClass&quot; : &quot;slick-dots coh-style-slider-pagination&quot;, &quot;dotsNumbers&quot; : false, &quot;draggable&quot; : true, &quot;edgeFriction&quot; : 0.15, &quot;mobileFirst&quot; : false, &quot;pauseOnFocus&quot; : false, &quot;pauseOnHover&quot; : false, &quot;respondTo&quot; : &quot;window&quot;, &quot;responsive&quot; : {&quot;xl&quot;:{&quot;slidesToShow&quot;:1,&quot;slidesToScroll&quot;:1,&quot;adaptiveHeight&quot;:true,&quot;matchHeights&quot;:{&quot;target&quot;:&quot;none&quot;},&quot;arrows&quot;:true,&quot;prevArrow&quot;:&quot;&lt;button type=\\&quot;button\\&quot; class=\\&quot;slick-prev coh-style-thumbnail-carousel---left-navigation\\&quot;&gt;&lt;\/button&gt;&quot;,&quot;nextArrow&quot;:&quot;&lt;button type=\\&quot;button\\&quot; class=\\&quot;slick-next coh-style-thumbnail-carousel---right-navigation\\&quot;&gt;&lt;\/button&gt;&quot;,&quot;appendArrows&quot;:&quot;.coh-slider-nav-inner-top&quot;,&quot;dots&quot;:false,&quot;draggable&quot;:true,&quot;swipe&quot;:true,&quot;fade&quot;:false,&quot;vertical&quot;:false,&quot;infinite&quot;:true,&quot;speed&quot;:400,&quot;cssEase&quot;:&quot;ease&quot;,&quot;pauseOnHover&quot;:false,&quot;pauseOnDotsHover&quot;:false,&quot;autoplay&quot;:false,&quot;rows&quot;:0},&quot;sm&quot;:{&quot;dots&quot;:true,&quot;appendDots&quot;:&quot;.coh-slider-nav-bottom&quot;,&quot;rows&quot;:0}}, &quot;rows&quot; : 0, &quot;slide&quot; : &quot;.coh-slider-item&quot;, &quot;slidesPerRow&quot; : 0, &quot;touchMove&quot; : true, &quot;touchThreshold&quot; : 5, &quot;useCSS&quot; : true, &quot;useTransform&quot; : true, &quot;asNavFor&quot; : &quot;#thumbnail-slider-1&quot;, &quot;centerPadding&quot;:&quot;0px&quot;, &quot;infinite&quot; : false }\">\n<div class=\"slick-list draggable\">\n<div class=\"slick-track\">\n<div id=\"\" class=\"coh-slider-item coh-style-image-thumbnail-carousel-style slick-slide slick-cloned\" tabindex=\"-1\" role=\"group\" data-slick-index=\"7\" aria-label=\"slide 4\" aria-hidden=\"true\">\n<div data-b-token=\"b-c590b8de9d0\">\n<p><b><span data-contrast=\"auto\">What has\u00a0most changed\u00a0your understanding of cybersecurity over time, and what do you think is the most overlooked risk for the future?<\/span><\/b><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">When I started in the 1990s, I believed cybersecurity was a technological problem with technological solutions. Decades of practice taught me it is primarily a human and organizational problem. Most successful attacks exploit people, processes and unclear responsibilities, not sophisticated technical flaws.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p>As for the most overlooked risk: our interdependence. We have built societies where energy, telecommunications, finance and logistics are so tightly interconnected that failure in one can cascade through all the others. With AI now accelerating both attacks and our dependence on automation, the speed at which things can go wrong is growing faster than our ability to respond.<\/p>\n<p><b><span data-contrast=\"none\">What are the most important basic steps and precautionary measures that should be in place in cybersecurity today?<\/span><\/b><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Before anything sophisticated, get the basics right. This is\u00a0what we call cyber hygiene. That means a properly configured\u00a0firewall, up-to-date protection against malicious software on every device, multi-factor authentication so that a stolen password alone is not enough, and secure, regularly tested backups kept where an attacker cannot reach them. None of\u00a0this is\u00a0glamorous, but most successful attacks succeed precisely because one of these basics was missing. Master the fundamentals first.\u00a0They stop most attackers and make\u00a0the advanced\u00a0measures worth investing in.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">You are currently contributing your\u00a0expertise\u00a0to Western Balkan countries and Moldova within a Slovak-supported project. What motivated you to get involved in this work, and what do you see as its most important value or impact?<\/span><\/b><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p>IT security has long been my passion and working on projects that help states and communities become safer gives that passion a deeper purpose. The Western Balkans and Moldova are in a remarkable period of transition &#8211; digitalizing fast, moving towards the EU, and at the same time facing very real cyber threats. That combination means the need is urgent and the impact of every improvement is tangible. For me, the greatest value of the <a href=\"https:\/\/publicfinance.undp.sk\/en\/regional-project-cybersecurity\/\" target=\"_blank\" rel=\"noopener\">project<\/a> is that it does not just deliver recommendations on paper; it builds lasting local capacity and connects people across the region who face the same challenges.<\/p>\n<p><b><span data-contrast=\"auto\">Recently, a <a href=\"https:\/\/publicfinance.undp.sk\/en\/2026\/06\/04\/cybersecurity_energy-sector_workshop\/\" target=\"_blank\" rel=\"noopener\">workshop<\/a> was held in Bratislava focused on strengthening the protection of critical energy infrastructure against growing cyber threats.\u00a0Why is\u00a0the energy sector such an attractive target for cyberattacks compared to other sectors?<\/span><\/b><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">All critical infrastructure, such as\u00a0banks, mobile operators, and\u00a0hospitals,\u00a0is vital but every one of them struggles without electricity, which gives the energy sector a special role. At the same time, its level of automation and reliance on digital technology is extremely high. The combination of maximum dependency and maximum digitalization makes it a particularly high-risk, and therefore particularly attractive, target.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">Based on your cooperation with experts from Albania, Bosnia and Herzegovina, Montenegro, North Macedonia, and Moldova, what are the most important cybersecurity challenges you\u00a0observe\u00a0across the region?<\/span><\/b><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">On the technical side, the issues vary, but in the energy sector one stands out: the need for stricter separation and controlled flow between IT and OT. Put simply, IT is the office world \u2014 e-mails, accounting, websites \u2014 while OT (operational technology) is the world of systems that physically control turbines,\u00a0substations\u00a0and grids. If the two are connected without strict controls, a phishing e-mail opened in an office can become a pathway to the equipment that keeps the lights on.\u00a0<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">What surprised me most, however, was organizational: how many entities still do not have a dedicated CISO \u2014 a security chief separate from the IT department. That is where you start, because whoever runs the systems should not be the only one\u00a0to grade\u00a0their security.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">Why does this gap between<\/span><\/b><b><span data-contrast=\"none\">\u00a0industrial systems and corporate IT\u00a0networks\u00a0<\/span><\/b><b><span data-contrast=\"auto\">remain\u00a0so difficult to close in practice?<\/span><\/b><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Industrial control systems were often designed decades ago for reliability, not for hostile internet, and they have been gradually connected to corporate networks for convenience and remote\u00a0management. Without strict segmentation,\u00a0monitoring\u00a0and controlled data flows between the two worlds, an attacker who\u00a0compromises\u00a0an ordinary office computer can move towards the systems that physically\u00a0operate\u00a0the grid. Closing that gap is the single most important technical priority.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">You said that the\u00a0Western Balkan countries\u00a0digitalize fast. Does\u00a0this rapid digital growth automatically translate into stronger cybersecurity and resilience?<\/span><\/b><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Unfortunately, not,\u00a0and that is precisely the risk. Digitalization and connectivity without security is not an\u00a0asset,\u00a0it is a liability: every new online service is also a new attack surface. We need a shift of paradigm \u2014 to stop talking about digitalization in general and start talking about resilient, secure digitalization.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559738&quot;:120,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">What is driving the increasing importance of cybersecurity in those countries?\u00a0<\/span><\/b><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">The motivation comes from two directions. First, as EU candidate countries they are harmonizing their legislation and institutions with European frameworks such as the NIS2 Directive. Second,\u00a0the region has experienced a wave of devastating cyberattacks.\u00a0Think of the 2022 attacks that paralyzed Albania\u2019s government e-services, or the ransomware attack that crippled Montenegro\u2019s public infrastructure the same year. Those incidents moved cybersecurity from a technical footnote to a political topic. That said, the urgency is not yet universally shared across all institutions and sectors. Priorities still compete with many other pressing economic and infrastructure needs.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">So, one could say that countries in the Western Balkans and similar regions are investing sufficiently in cybersecurity?<\/span><\/b><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Not yet. Our survey showed that a third of energy companies in the region invest less than 1% of their budget in cybersecurity \u2014 far below what the threat level demands.\u00a0<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">What are the main reasons behind this?<\/span><\/b><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p>Part of the problem is genuinely financial: cybersecurity requires expensive capital expenditure, and NIS2 compliance is not a cheap exercise. But it is also a question of prioritization and management. Spending wisely on the right controls, people and processes matters as much as the size of the budget.<\/p>\n<p><b><span data-contrast=\"auto\">How would you compare cybersecurity readiness in Slovakia with that of the Western Balkans and Moldova, and what are the main similarities and differences you see?<\/span><\/b><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">The situation in Slovakia is not ideal either. The latest 2024\u00a0<\/span><a href=\"https:\/\/www.nbu.gov.sk\/sprava-o-kybernetickej-bezpecnosti-v-slovenskej-republike-v-roku-2024\/\" target=\"_blank\" rel=\"noopener\"><span data-contrast=\"none\">statistics<\/span><\/a><span data-contrast=\"auto\">\u00a0from our National Security Authority show energy entities are on average 88% compliant with the NIS framework \u2014 and NIS should not be seen as the ultimate goal, but rather as a basic floor.\u00a0\u00a0from our\u00a0National Security Authority show energy entities are on average 88% compliant with the NIS framework \u2014 and NIS should not be seen as the\u00a0ultimate goal, but rather as a basic floor.\u00a0<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p>On the other hand, NIS was transposed in Slovakia back in 2018, the situation keeps improving year by year, and\u00a0I believe we\u00a0are on a good track. The most obvious difference is that Slovakia can draw on EU-funded cybersecurity projects, which the candidate countries cannot yet fully access.<\/p>\n<p>Beyond that, we honestly keep ourselves busy with\u00a0very similar\u00a0issues \u2014 talent shortages, legacy systems, and the gap between regulation on paper and security in practice.<\/p>\n<p><b><span data-contrast=\"auto\">What practical lessons from Slovakia\u2019s cybersecurity experience could realistically be applied in the Western Balkans, and what cannot be easily transferred due to structural differences?<\/span><\/b><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559738&quot;:120,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p>What transfers well is the journey itself. Slovakia went through exactly the transition these countries are starting now: transposing the NIS Directive into national law, building a national cybersecurity authority and incident-response capability, and teaching critical-infrastructure operators what compliance means in practice. We made mistakes along the way \u2014 underestimating implementation costs, treating compliance as paperwork rather than real security \u2014 and sharing those mistakes is at least as valuable as sharing successes. What cannot be copy-pasted is the context: access to EU funding, the size and maturity of the local cybersecurity market, and institutional capacity all differ. So, the lesson is not \u201cdo what Slovakia did,\u201d but \u201clearn from how Slovakia did it and skip our detours.\u201d<\/p>\n<div id=\"attachment_4920\" style=\"width: 910px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-4920\" class=\"size-large wp-image-4920\" src=\"https:\/\/publicfinance.undp.sk\/wp-content\/uploads\/2026\/06\/Cybersecurity-workshop_Miroslav-Pikus_UNDP-cybersecurity-consultant-1024x517.jpg\" alt=\"\" width=\"900\" height=\"454\" srcset=\"https:\/\/publicfinance.undp.sk\/wp-content\/uploads\/2026\/06\/Cybersecurity-workshop_Miroslav-Pikus_UNDP-cybersecurity-consultant-1024x517.jpg 1024w, https:\/\/publicfinance.undp.sk\/wp-content\/uploads\/2026\/06\/Cybersecurity-workshop_Miroslav-Pikus_UNDP-cybersecurity-consultant-300x152.jpg 300w, https:\/\/publicfinance.undp.sk\/wp-content\/uploads\/2026\/06\/Cybersecurity-workshop_Miroslav-Pikus_UNDP-cybersecurity-consultant-768x388.jpg 768w, https:\/\/publicfinance.undp.sk\/wp-content\/uploads\/2026\/06\/Cybersecurity-workshop_Miroslav-Pikus_UNDP-cybersecurity-consultant-1536x776.jpg 1536w, https:\/\/publicfinance.undp.sk\/wp-content\/uploads\/2026\/06\/Cybersecurity-workshop_Miroslav-Pikus_UNDP-cybersecurity-consultant-2048x1034.jpg 2048w\" sizes=\"(max-width: 900px) 100vw, 900px\" \/><p id=\"caption-attachment-4920\" class=\"wp-caption-text\">Miroslav Pikus, UNDP cybersecurity consultant<\/p><\/div>\n<p><b><span data-contrast=\"auto\">During your presentation at the workshop, you mentioned that people and\u00a0expertise\u00a0are the key \u201cbattlefield\u201d in cybersecurity. What did you mean by that, and what led you to that conclusion?<\/span><\/b><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Technology can be bought;\u00a0expertise\u00a0cannot.\u00a0It has to be grown, and that takes years.\u00a0A firewall\u00a0is only as good as the person who configures it, and the most sophisticated monitoring system is useless if nobody can interpret what it shows. That is why people\u00a0are\u00a0the real battlefield: attackers and defenders are ultimately competing for the same scarce talent.\u00a0<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">For smaller countries this is compounded by a brain drain &#8211; skilled specialists are recruited by the private sector and by wealthier markets abroad, and public institutions with rigid pay scales simply cannot compete. The answer is not only higher salaries but building attractive professional communities, continuous training, and giving experts meaningful missions, which is exactly what regional cooperation projects like ours try to support.<\/span><\/p>\n<hr \/>\n<p><i><span data-contrast=\"auto\">About Miroslav Pikus\u00a0<\/span><\/i><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p><i><span data-contrast=\"auto\">Miroslav Pikus is a Slovak cybersecurity expert with three decades of experience, including managerial roles at ESET, Avnet, Websupport and Deutsche Telekom. He currently provides his expertise for the Slovak-UNDP regional project \u201c<\/span><\/i><a href=\"https:\/\/publicfinance.undp.sk\/en\/regional-project-cybersecurity\/\"><i><span data-contrast=\"none\">Cybersecurity for a Resilient Digital Future<\/span><\/i><\/a><i><span data-contrast=\"auto\">\u201d.<\/span><\/i><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559738&quot;:120,&quot;335559739&quot;:120,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p>[\/vc_column_text][\/vc_column][\/vc_row]<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<p><!--more--><\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Sorry, this entry is only available in Slovak.<\/p>\n","protected":false},"author":3,"featured_media":4979,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[120],"tags":[100],"aioseo_notices":[],"jetpack_sharing_enabled":true,"jetpack_featured_media_url":"https:\/\/publicfinance.undp.sk\/wp-content\/uploads\/2026\/07\/Untitled-design.png","_links":{"self":[{"href":"https:\/\/publicfinance.undp.sk\/en\/wp-json\/wp\/v2\/posts\/4967"}],"collection":[{"href":"https:\/\/publicfinance.undp.sk\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/publicfinance.undp.sk\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/publicfinance.undp.sk\/en\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/publicfinance.undp.sk\/en\/wp-json\/wp\/v2\/comments?post=4967"}],"version-history":[{"count":10,"href":"https:\/\/publicfinance.undp.sk\/en\/wp-json\/wp\/v2\/posts\/4967\/revisions"}],"predecessor-version":[{"id":4981,"href":"https:\/\/publicfinance.undp.sk\/en\/wp-json\/wp\/v2\/posts\/4967\/revisions\/4981"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/publicfinance.undp.sk\/en\/wp-json\/wp\/v2\/media\/4979"}],"wp:attachment":[{"href":"https:\/\/publicfinance.undp.sk\/en\/wp-json\/wp\/v2\/media?parent=4967"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/publicfinance.undp.sk\/en\/wp-json\/wp\/v2\/categories?post=4967"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/publicfinance.undp.sk\/en\/wp-json\/wp\/v2\/tags?post=4967"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}