We are pleased to announce that Aktiva Info d.o.o. is one of 134 Croatian companies awarded grant funding under the call “Strengthening Cybersecurity of Micro, Small and Medium Enterprises (SMEs)”, implemented by CARNET’s National Coordination Centre for Industry, Technology and Research in Cybersecurity (NKS). The program is worth approximately €2.9 million in total and is co-funded by the European Union.
Grant agreements were presented to recipients at an award ceremony held at the National and University Library in Zagreb.
Why we applied
Our software runs mission-critical operations for our clients every single day. S24 WMS manages warehouse operations for more than 250 logistics, distribution, and manufacturing companies — including Lagermax, Hrvatska Pošta, Ralu Logistika, and Vetropack. Our ticketing system for maritime operators processes bookings and ticket sales in passenger shipping.
Inventory data, orders, dispatches, bookings, and ERP integrations flow through our systems continuously. Every one of those data points represents business value we are obligated to protect.
Cyber threats targeting European SMEs are growing year over year, and the regulatory landscape — above all the NIS2 Directive — is placing increasingly strict requirements on companies in the supply chains of critical sectors like logistics and transport. As a software vendor to those sectors, we’re not waiting for security to become an obligation. We want it to be our competitive advantage.
What the project covers
The project consists of three main activities:
1. ISO/IEC 27001 certification
We are establishing a complete Information Security Management System (ISMS) in line with the international standard ISO/IEC 27001:2022. This includes risk assessment, information asset classification, security policies and procedures, access management, secure software development (secure SDLC), and business continuity planning. The process concludes with an independent certification audit by an accredited certification body.
For our clients, this means Aktiva Info’s security practices will be formally documented, regularly audited, and confirmed by an internationally recognized certificate — not just a matter of internal trust.
2. Penetration testing
Independent security experts will conduct penetration tests of our key systems — the S24 WMS platform and the maritime ticketing system. The goal is to identify and remediate vulnerabilities before anyone else finds them. Test findings will feed directly into our development process and the ISMS security controls.
3. Cybersecurity awareness program
Technology is only part of the security equation — the majority of successful attacks still begin with human error. That’s why every Aktiva Info employee will complete a structured security training program: from recognizing phishing attacks and handling data securely to secure software development practices for our engineering team.
What this means for our clients
Concretely, three things:
- Verified security, not promised security. An ISO 27001 certificate means an independent auditor has confirmed our security practices — something a growing number of enterprise clients and public-sector buyers now require from their software vendors.
- Tested systems. Penetration testing of S24 WMS and the ticketing platform provides objective confirmation of the resilience of the systems our clients rely on every day.
- Easier compliance for you. If your business falls under the NIS2 Directive or similar requirements, having a certified vendor in your supply chain strengthens your own regulatory position.
Timeline
Project implementation is underway and will be implemented in 12 months. We will report on key milestones — completion of the ISMS, certification audit results, and the awarding of the certificate — here on the blog and on our LinkedIn page.
Thank you
We thank the National Coordination Centre for Cybersecurity (NKS) and CARNET for recognizing our project and for their systematic support of Croatian SMEs in building cyber resilience. Programs like this one make the difference between security as a cost and security as a strategic investment.
This project is co-funded by the European Union under the call “Strengthening Cybersecurity of Micro, Small and Medium Enterprises (SMEs)” implemented by CARNET — National Coordination Centre for Industry, Technology and Research in Cybersecurity.
Questions about the security of our systems, or curious how S24 WMS can improve your warehouse operations? Contact us.