The company Combis offers a complete service for establishing a comprehensive risk management system that Croatian companies must implement according to the Cybersecurity Act and the NIS2 directive. According to Mate Grbavac, Combis’s Director of Cybersecurity, it functions as a centralized defense system in which detecting a threat at one user automatically raises the level of protection for all other users.
What solutions does Combis have for aligning the operations of Croatian companies with the Cybersecurity Act and implementing the NIS2 directive?
– The law presents companies with a complex task – to establish a comprehensive risk management system, not just to implement individual technical solutions. At Combis, we apply the proven methodology Identify, Protect, Defend. We conduct an initial assessment of the state through a GAP analysis, which is the foundation of everything. Our consultants use recognized frameworks such as NIST and ISO 27001, combining them with penetration testing, exercises for in-depth analysis of security maturity, red teaming, and threat hunting, and identify the exact deviation from legal requirements. After determining the current state, we define priorities and develop a concrete alignment strategy, everything required by Article 21.2 of the NIS2 directive. This is followed by the implementation of protective solutions such as EDR systems, next-generation firewalls, and PAM solutions, and we conclude with continuous monitoring through our 30SEC SOC. For organizations that do not have internal expert leadership, we provide an external CISO service, and for teams that want to accelerate the process independently, we offer our new vCISO platform. This AI-driven tool allows users to automate up to 80 percent of documentation and continuously monitor compliance in real time.
To which clients, and where, does Combis provide security operations center (SOC) services?
– Our 30SEC SOC monitors security for over a hundred companies and organizations from all key sectors, from finance, energy infrastructure, and telecommunications to public administration and commerce. In addition to Croatia, we have users in Slovakia and North Macedonia, making us one of the leading SOCs in the Deutsche Telekom group. Our team of 20 analysts, supported by more than 180 engineers, monitors over 35,000 endpoints. We function as a centralized defense system that automatically raises the level of protection for all others by detecting threats at one user. Our greatest advantage is integration into the Deutsche Telekom ecosystem. Through the MISP platform, we share threat data with ten European SOCs in real time, allowing us to detect attack campaigns in their earliest stages and block threats before they reach users.
