6,000 Cyber Incidents a Year Handled by Small Slovenian Team

A lean team of roughly a dozen analysts manages thousands of cyber incidents every year at Slovenia’s national response center. The unit, known as SI-CERT and housed within the public agency ARNES, fields a steady flow of reports involving online fraud, ransomware attacks, and phishing attempts. Gorazd Božič, the center’s manager, explained that the volume of cases has grown significantly, yet the small crew remains the frontline defense for the country’s digital security.

Božič noted that the team processes approximately 6,000 cyber incidents annually, a number that underscores the persistent threat landscape facing both individuals and organizations. The analysts triage each report, prioritizing the most urgent threats such as active ransomware infections or large-scale phishing campaigns. Despite limited staffing, the center has developed efficient workflows to handle the caseload, relying on automation and close collaboration with international partners.

The most common complaints, according to Božič, involve financial scams and social engineering tricks designed to steal credentials or money. Ransomware incidents, while less frequent, often require intensive coordination with law enforcement and impacted entities. The center also provides guidance to businesses and citizens on how to recognize and avoid common cyber threats, aiming to reduce the number of successful attacks.

Božič emphasized that the team’s effectiveness stems from its focus on rapid response and preventive education. By analyzing attack patterns and sharing alerts, SI-CERT helps organizations patch vulnerabilities before they are exploited. The center’s work is critical in a small country where resources are limited, but the stakes remain high as digital services become more integral to daily life and the economy.