About the Government Information Security Office

The Government Information Security Office (GISO) is the competent national authority in the field of information security, which acts as a government office. Our core mission is to increase resilience to cyber threats that can threaten individuals, businesses, government and society at large.

For this purpose, we connect stakeholders within the national information security system and coordinate operational capabilities at the strategic level. We pay special attention to entities subject to the Information Security Act (ZInfV-1) in carrying out their tasks and provide them with professional support in the field of information security. Among other things, we provide opinions within our competence, analyses, methodological support, and preventive activities. We also coordinate training, exercises, and educational activities, and work to raise public awareness of the importance of information security. In addition, we perform the tasks of the national cybersecurity certification authority.

We carry out the tasks of a single contact point, which plays a connecting role in the field of cybersecurity and defense to ensure cross-border cooperation with other countries and international organizations. We represent and promote the interests of the Republic of Slovenia in working groups on cybersecurity and defense within the Council of the European Union, the European Commission, the EU Agency for Cybersecurity (ENISA), NATO, and other international organizations.

We are the National Cybersecurity Coordination Center (NCC-SI) and, in this role, responsible for carrying out the tasks defined in Regulation (EU) 2021/887. We also serve as the National Cyber Hub in accordance with the first, second, and third paragraphs of Article 4 of Regulation (EU) 2025/38, and we participate in the cross-border Cyber Hub based on the fourth paragraph of that article, as well as in the European cybersecurity early warning system under Article 3 of the same regulation.

We are the competent authority for managing large-scale cybersecurity incidents and crises (the Cyber Crisis Management Authority) in the Republic of Slovenia, and in this capacity, we are the national authority responsible for participation in the EU-CyCLONe network. By informing the Government and the National Security Council (SNAV) about an increased threat level due to the likelihood of a critical incident or cyberattack, we are integrated into the national security system. Through our own inspection service, we supervise the implementation of the Information Security Act (ZInfV-1).