
Uros Zust

IT Assurance & Advisory Partner at Mazars

Bio

Uros is an IT Assurance & Advisory Partner at Mazars Slovenia, responsible for the South East Europe region (including Croatia, Bosnia and Serbia). He has more than 18 years of experience in information systems auditing, cyber security, security reviews, risk and governance, and standards compliance across a wide range of organizations, including financial institutions and private and public companies. He lived and worked for 5 years in the US, where he specialized in PCAOB audits and cyber security in the gaming and financial sectors. He also served as president of ISACA in Las Vegas and has over 8 years of experience on the board of ISACA Slovenia.

Uros holds a BSc in Economics (Business Informatics major) from the Faculty of Economics, University of Ljubljana, and has obtained the Preizkušeni Revizor Informacijskih Sistemov (PRIS) designation from The Slovenian Institute of Auditors, the Certified Information Systems Auditor (CISA) and Certified Information Security Manager (CISM) designations issued by ISACA, as well as the Certified Information Systems Security Professional (CISSP) from ISC2 and Project Management Professional (PMP) from PMI. He is also an ISACA CISA and CISM Accredited Trainer.

Uros has two other professional passions – public speaking and mentoring younger professionals. His dream is that when he retires, he will travel around the world holding seminars, workshops and mentoring sessions that will help support younger professionals’ development as this was something he mostly lacked in the early years of his career.

Presentation Abstract

Achieving NIS 2 Directive compliance with the help of ISO/IEC 27000 standards

In an increasingly interconnected digital world, protecting sensitive information and securing critical infrastructure have become paramount priorities for businesses. As cyber threats continue to evolve, organizations must take proactive measures to fortify their defences. The EU has created NIS 2, an EU-wide legislation on cybersecurity that provides legal measures to boost the overall level of cybersecurity in the EU.

In this presentation, we will explore how the renewed ISO/IEC 27000 standards can help us achieve compliance with the NIS 2 Directive. We will delve into the 10 risk management measures mandated by NIS 2 Directive and learn how they align with the guidelines of ISO/IEC 27000. By understanding these measures, businesses can gain a comprehensive grasp of potential risks and develop strategic responses to safeguard their assets.

The presentation will emphasize the importance of conducting thorough cybersecurity risk evaluations throughout the supply chain, in accordance with both the NIS 2 Directive and the ISO/IEC 27000 standards. The areas covered will include incident detection, reporting and response procedures, workforce education, business continuity and crisis management planning, implementation of an Information Security Management System (ISMS), and secure development practices, as compliance with the NIS Directive and ISO/IEC 27002:2022 demands a security-first mindset.
