Monday, 14 June 2021

Marko Rakar, Cybersecurity Keynote Speaker at Zagreb Digital Nomad Week (Interview)

June 14, 2021 - Zagreb Digital Nomad Week 2021 & Zagreb Digital Nomad Ambassador Project starts a week today, with the first day dedicated to the important issue of cybersecurity. And who better to present a keynote speech on cybersecurity in the Croatian capital than Marko Rakar? 

Canopy by Hilton will be the venue of the opening day of Zagreb Digital Nomad Week - 7 days, 7 themes, and 7 locations in the city. Of the 7 themes to be covered in the week (cybersecurity, online presence, remote careers, tax & finance, wellbeing, the future of work, and exploring Zagreb), the opening day focused on cybersecurity will possibly be the most stimulating. And when you add a simulating speaker to a stimulating topic, ZDNW is destined to get off to a great start. We are delighted to announce Marko Rakar as the keynote speaker on Day 1, and I am grateful to him for sparing a little more time for this pre-conference interview.  

On Monday, 21 June, keynote speaker Marko Rakar of will bring us insights into cybersecurity and data analytics as it relates to location independent work, Croatia and global issues for cybersecurity related to recruitment, government policy and business.

Marko Rakar is recognised by the World eGovernment forum as one of the “Top 10 who are changing the world of politics on the internet”. Based in Zagreb, Marko has diverse experience in media, consulting, lecturing and speaking engagements.

Marko is Chief executive of the consulting company MRAK Services Ltd headquartered in Zagreb, Croatia.

1. Cybersecurity - it is the thing we all know we should pay more attention to, but rarely do. Give us the bad news - how worried should we be?

In real life, if you stumble upon an unsafe situation you are likely to have only one adversary (or maybe few people operating in unison), but when we talk cybersecurity, you can be attacked by many completely different actors non-stop, and sometimes many will attack you at the same time. So, while your immediate physical security is not threatened - in cyberspace, you are facing many more adversaries of whom many are prepared and well versed in what they are about to do. Furthermore, with our increasing reliance on everything virtual where more and more of our identities are basically stored in some cloud, keeping our virtual identity safe and out of reach of bad actors should be our daily task. So yes, we should be worried.


2. How does Croatia rank in terms of cybersecurity safety?

It is a confusing question, cybersecurity is (in my opinion) not something which is or can be very different regarding your physical location, cyberspace does not recognize national borders. You face exactly the same risks being in US, Croatia or China, it is more likely that your cyber visibility will make you a bigger or smaller target. Still, as Croatia is one of the safest places on the planet for you to be, similary you are quite protected in cyberspace as well. In general, we face the same risks in some areas such as viruses or ransomware attacks, but are less exposed in some other areas such as identity theft and similar.

3. A few simple tips for the common digital nomad to improve their own personal cybersecurity?

Well, when talking about cybersecurity, I am strong believer in firm discipline and protocols. This means that I will always (no exceptions under any circumstances) log on to a service exclusively from a device which I own. My passwords are very long and yours should be too. Anything with 14 characters or more should be quite safe - think of a favourite poem or sentence from a book, something really long. You should use different passwords on different services, never re-use passwords, you should use two factor authentication on all important accounts (social media, your main email account) and anything related to banking and your financials.

Do not leave credit/debit card information on any service except for ones which you use regulary and for which you have reasonable assurance and trust that they are safe. When you get email which asks for some of your personal information, or even asks you to reset a  password, spend some time examining that message and check if it is valid and from exactly the person/institution which is presented in that message. Have your computer fully updated, make an ocassional full computer antivirus scan. Never execute software which you have downloaded from an unknown email message... There is no "secret recipe" to cybersecurity, only discipline and clearheaded thinking.


4. What are the biggest challenges facing governments and big business, where are the main threats coming from, and how can they best prepare themselves? 

Currently and possibly for some time, the largest threat is and will remain ransomware, software which will encrypt the contents of your computer and asks for some kind of bitcoin ransom in order to get your data back (and/or not leaked to the internet). When you have large systems with hundreds or possibly thousands of computers, your cybersecurity is as strong as its weakest link - which usually boils down to the dumbest person in the building who brought his son's notebook "which does not work properly" and then connects it to the company wide network (and of course, the corresponding IT department which did not prevent that from happening). So once again, computers should be fully updated, unknown devices from untrusted users should never be allowed on your network, regular security sweeps should be executed and above all, you should do regular backups which are stored separately from your data (Jesus not only saves, but frequently makes a backup is sensible advice to more religious people, and YOU WILL became religous when ransoware attacks).


5. Tell us a little about digitalisation and Croatia. How are we doing, and how to speed up the digital revolution here? 

Digital transformation in Croatia is, like everything else here, a story of contrast and unbeliveable achivements side by side colossal incompetencies and missed opportunities. In general, I would say that some services are great, such as netbanking services which are on the level of the very best you can find anywhere. Our government services are developing and are avaliable, but their development is uneven to the point that some services work great and flawlesly while others are barely usable and are absolutely unreliable to the point that some government eServices work only during the day (we literally have servers, plural, which will respond to you only during weekday working hours).

An important thing to know is that the procedures for handling documentation and legal processes in the Croatian "uhljeb"-powered bureaucracy have their roots in the 18th century Austro-Hungarian Empire. Back then people did not design their formal processes with computer workflow in their minds, so some of them are really, really hard to "translate" or digitise. Croatians, more than others, prefer form over function, which also means that we are really unwilling to take a long and hard look on why we do some things, and are very hesitant to change. As a result some of our eServices will leave you head scratching and wondering what happened there (or which chain of decisions lead to that particular result).

I am usually highly critical of Croatian eGovernment efforts, and I am critical not because I think they are particulary bad (but, as I said there are some unbeliveable stupid examples and situations), but because I know what kind of services we could have. To summarize, you will be pleasently surprised on how well Croatian businesses are handling the digital age and likely with eGovernment services too. We are probably at or above the EU average, and in some cases, we are cutting edge on the global stage.

6. There was a recent change of power in Zagreb, with the incoming mayor seemingly more open to reaching the digital age. What are your thoughts on the incoming administration and digitalisation?

The problem with Zagreb (and many other places as well) is that they have had the same leadership for a very long time. Those leaders are in general uneducated and their work processes and institution grew through the years by means of putting out one fire after the other. As a result, you have a barely functional administration which, to an outsider, looks like Frankenstein's monster, but is actually quite logical for us who witnessed on how it came to be.

The new Zagreb leadership (as well as Split or Rijeka) is full of highly educated people who have seen the world, who have breadth of sight and long-term perspective on society. They will, I sincerely hope, try to make order out of the mess they inherited. We all have high hopes, and I think that we will start seeing first results within months. All of us should be avaliable to help them with our ideas, solutions and hard work.


7. You are a man who works from an Internet connection around the world, and a long-term Zagreb resident. How do you rate Zagreb as a digital nomad destination in terms of safety, lifestyle and things to do?

Zagreb is a safe place to be, one of the safest you can imagine and security should really not be an issue. Furthermore, Zagreb is a city of culture, everyone will find something for themselves. There are a number of beautiful parks and a mountain literally within minutes of the city centre. You can bike almost anywhere, nothing is too far away and you can always relly on public transport and the omni-present taxi service. You will find many restaurants, clubs and bars and whole areas dedicated to leisure activities. There are many startup accelerators, shared workspaces as well as different events on just about any topic you can imagine.

On top of that, you will experience the relaxed lifestyle which is harder and harder to find these days. Not to mention that there are many destinations nearby, within two hours you can find your self swimming in the Adriatic, climbing the Alps, enjoying Slavonian wine cellars, or walking through unbeliveable beautiful and a slightly embarrasingly large number of waterfalls at Plitvice Lakes National Park. (Digital) nomads are welcome to Zagreb and I am sure they will like what they find here.

Want to attend the Marko Rakar session cybersecurity on Monday, June 21, either online of in person? Register here.

For more information about ZDNW 2021, check out the dedicated Saltwater Nomads page.

Thinking of applying to to be a Zagreb Digital Nomad Ambassador for a month from July 1 to December 31, 2021?

For the latest news and features about digital nomads in Croatia, follow the dedicated TCN section

Tuesday, 27 April 2021

Marko Rakar Discusses Cijepi Se Vaccination Platform Failure

April the 27th, 2021 - Croatian IT expert Marko Rakar, who has more than thirty years of experience in the field under his belt, has publicly criticised the now failed Cijepi se vaccination platform, referring to it as sloppy and irresponsible.

As Poslovni Dnevnik writes, IT expert Marko Rakar spoke on N1 recently about the problem with the Cijepi Se vaccination platform, which, according to reports, doesn't function at all, and which some larger healthcare institutions across the country have totally given up on using. Health Minister Vili Beros, on the other hand, says that everything is working - maybe not perfectly, maybe not the way they would like, but - it's still working.

"The question is whether there's a Cijepi Se vaccination platform at all," Rakar said at the beginning.

"It's merely a form on the Internet that doesn't perform even basic data collection properly. The Ministry's statement differs drastically from the Minister's interpretation of it. But the fact it isn't working has been confirmed by the 200,000 people who signed up, just 5,600 of them were referred through the platform. And 4,000 people, myself included, were wiped off it.

We know the Cijepi Se vaccination platform isn't working, everyone who has used it has testified that it's unusable, that it isn't integrated, that the data is incorrect... It happens that you have to enroll yourself on the platform, and a doctor then has to examine everything and manually transcribe it all somewhere else. What then is the point of the platform? Is it okay for their job to involve retyping something from one screen to another?'' Marko Rakar asked.

He said that it has been known for fifteen months now that there will be mass vaccination against the novel coronavirus taking place, and that there has been enough time to organise the system.

"Our Health Ministry is acting as if everything has come as a big surprise for which they'd not prepared. But doctors carry out vaccinations every day on a number of other grounds, on newborns, school children, they do flu vaccinations… It's unclear how this situation happened. Looking through a series of such bizarre events, we can conclude that someone needed to make some money and deliver something for the sake of something delivered,'' Rakar added.

He explained how long it takes to make a platform like the Cijepi Se vaccination platform.

"If we look at it very simply, what people can see through the Cijepi Se page can be done in one afternoon, but what lies behind all of that is much more important - the data must be shared with HZZO's IT systems, with hospitals, it must be compared with other databases…

However, those are stable, well-documented systems. In seven days this should be able to be done without much trouble. Considering that this has been being talked about for fifteen days now, we'd have been able to develop such a platform twice in that period,'' said Rakar.

It is, he added, a very simple task that is repeated every day and which appears very often in the work of people engaged in the development of such systems.

“This application with such specifications is at the level of high school education or for the first or second year of college. There's no excuse for it not to be working well. The vaccine system isn't integrated. This means that when you enter an OIB or MBO the system won't check if you've already been vaccinated or not, but this check can happen at later stages. If these people end up being invited again, we can say that it absolutely does not work at all,'' said Rakar.

A few days ago, the Health Ministry confirmed that a number of people who had signed up to be vaccinated had been deleted from the Cijepi Se vaccination platform.

"The first 4,000 people who applied were deleted. Of the 4,000 people who were wiped off the system, some must have become infected in the meantime, and someone could have since ended up on a respirator. The question of the responsibility for such a sloppy platform arises. I've been involved with informatics for over 30 years and I've never seen something so sloppy or irresponsible,'' concluded Marko Rakar.

For all you need to know about coronavirus specific to Croatia, including travel, quarantine and border rules, as well as the locations of testing centres across the country, make sure to bookmark our dedicated section.

Sunday, 12 April 2020

Marko Rakar: The Post-Coronavirus Future, Part II

From economic measures and FINA's desire to look good to issues of transparency and public spending, Marko Rakar takes a look at the post-coronavirus future for Croatia on the portal

April the 12th, 2020 - If you read the news (at least the international news), you've likely read that Americans reported an additional 6.2 million unemployed people yesterday, which means that about 17 million people have become unemployed in the past three weeks. From that perspective, that's about 10 percent of the total number of employees, and the question is: How come they have such an explosive growth of unemployed people, and there is so much less of that here in Croatia?

The workforce in Croatia (depending on who is counting, and how they're doing that counting) could be between 1.5 and 1.7 million (the criteria for the number of employees is somewhat unclear, as some self-employed activities and OPGs are not always part of these statistics), but let's say that this is about 1.7 million people, which is a mere 1 percent of the American workforce. Similarly, if we were to follow those trends, we would have to register about 170,000 unemployed people, and today we're closer to 17,000 (which can be clearly seen on, which is 1/10 of what has happened over in America.

We can certainly find some of the answers to this in the Croatian Government's measures as companies try to look at how permanent this situation might be, or what the overall effects of it will be on their businesses. Another, far greater factor (at least as I see it) are our labour laws which, among other things, provide for notice periods that are very lavish when compared to those in the US. If you rewind the film just a little bit, then you will know that the last day of school was March the 13th, 2020, while quarantine (or lockdown or whatever we like to call this situation) took effect on March the 23rd, 2020. Assuming that the typical ''termination period'' [at work] is one month, it's to be expected that those who have been laid off from the 13th of March onwards, will start going to the Croatian Employment Service only next week, and then we'll start to get a true, clear picture of the state of unemployment in Croatia.

There's no doubt that a huge number of people will end up going or have already gone to the Croatian Employment Service, and since the coronavirus pandemic has caught us right in the middle of Croatia's usual ascending cycle of seasonal employment, it is to be expected that these seasonal workers will not be able to find a job even along the coast, and due to the current, general prohibitions on cross-border movement, they won't be able to find a job abroad either (I wrote about the lack of seasonal workers in agriculture and the effect on the availability and rise in prices of certain agricultural products in the weeks to come earlier).

These seasonal workers are people who have jobs that are their elemental existence and the ongoing coronavirus situation for them is unfortunately not good at all. It's worth remembering that famous thirty percent that makes up the ''grey'' economy, the grey economy is not only made up of hospitality workers doing jobs ''under the table'' or just criminals, but also entire social groups (for example, those who have had their bank accounts blocked), and who have no alternative whatsoever but to work ''on the black''.

In these circumstances of forbidden movement, halting the general economy but also suspending all investments (think of small building projects along the coast, various pieces of construction in continental Croatia, or those assisting "on the black" in various trades and companies) - these people have been left without any, even illegal income, and as such - they will further slip towards poverty.

I think we're collectively underestimating the effects of the coronavirus-induced economic crisis we have run into at full speed. Until now, economic crises (and depressions) were entered slowly and gently, so much so that we did not realise for a long time what had actually happened, and this is a completely different situation now.

The real question is, and many people are discussing it, at what point can we begin to approach anything that resembles our lives before the aforementioned Friday the thirteenth of March, 2020?

If you look at this document (PDF) from the Boston Consulting Group, and if we look at Croatia's neighbouring countries or countries where the spread of coronavirus is somewhat similar to our situation, I think there is no doubt that it will not be possible to start facilitating movement before the second week of June.

It also means that we've not even reached the midpoint of the coronavirus crisis yet, and the question is, what will life look like in two months? ECB President Lagarde said last week that every month, lockdown means 2-3 percent of GDP less, and that figure, in Croatia's specific circumstances, should probably be multiplied by some factor, and all together, that needs to be multiplied to find out what the hole in the state budget will be.

Going back to facilitating isolation measures, we'll be hearing a lot about the examples of Austria, Denmark or the Czech Republic where they decided to start implementing these anti-epidemic measures earlier, but one should be very careful that what happened to Singapore doesn't happen here. Singapore, although it seemed to, didn't manage to address the spread of the coronavirus epidemic. The situation here in Croatia is very similar and most of those infected could be accompanied by a specific "importer" of the virus, but the last few days, and with the breakthrough of the virus into Croatian nursing homes and hospitals, don't really give us much reason for satisfaction.

The situation in Singapore is also interesting because the Croatian authorities, in an attempt to install a mass surveillance system, cite the example of Singapore as a good example where a monitoring application reportedly successfully helped stop the spread of the coronavirus epidemic.

Well, new facts have just arrived and they don't sound so great. The South Korean example also shows signs of "fatigue" and it's worth repeating once again that there's not even an indication of how such applications are actually helping to solve any problems, while violating the right to privacy and freedom from control in the most spectacular way (which I wrote about for Index). I wouldn't want to be petty right now, but all of a sudden we have a whole new set of applications and solutions (for example, there's the one from the civil protection staff for the issuance of passes), so, I'm interested, in the spirit of GDPR, who exactly is leading this, who will have access to the information we need to provide, why, and for how long?

It's clear to me that this is a perceived public good (though if 1/6 of the population has passes, their very existence should be called into question), but there are nevertheless some legal frameworks from which one should not ''jump'' - just like the one that sees that the decisions and the scope of those decisions made by the national [civil protection] headquarters are not within the law. How has that been missed by the powerful lawyers employed by the state and the public sector?

Of course, transparency criteria is also worth mentioning. Namely, a lot of things have been suspended during this time and the urgency of doing this is because of a whole lot of various purchases of any equipment and materials that are necessary in the fight against this coronavirus monster.

Nevertheless, it's necessary that the state, the public sector, and especially these locals (from Milan Bandic onwards), supply the true costs of this disaster to the public, and that they do so in real time. There's no excuse or reason for not doing so. We can start with the website itself, and we don't actually know who manages it (I know that sounds irrelevant and petty but…), they're not able to share the data in a machine-readable format one month later (I think this is intentional because they themselves have to have this information but they don't want to share it).

And then there is all the other information that might be interesting, such as the question of testing (why are we testing how much are we testing, as our tactics seem different from many). What are the reasons for this, is there a problem with materials (reagents, I'm not an expert so I don't know...) or is there another reason? Who are we procuring them from, and at what price?

And then, we can move on to the subsidy measures, where I'm forced to agree with the unions and say that they should publicly write which company has received money, how much money, and for what number of employees they money is for (and there is a logic to the request that the companies seeking a ban on dividend payments in the forthcoming period, similar to the way banks did, note that the EU recommended the non-payment of dividends while the Croatian National Bank and HANFA prohibited the payment of dividends - I feel some litigation and damages are on the horizon).

Transparency would help to identify any sort of abuse very quickly, and it would also discourage those who are thinking of resorting to some sort of blackening of public money. Unfortunately, transparency and public insight into the spending of public money isn't exactly popular in our area. It will be interesting to see if these payments are seen on the Ministry of Finance's website (which I conceived a long time ago, although my idea and this realisation don't have much to do with each other, but that's how it is when a bureaucratic mind reads instructions).

What I think we'll see with the anti-coronavirus economic measures of the Croatian Government (and somehow it seems to me that we need to read very carefully and differentiate the expected effects of the measures from the real money being pumped into the system) is that we've done a lot to make sure the measures of economic aid, that would by all criteria need to be really fast, simply aren't.

Lending through HBOR, HAMAG and who knows which other institutions (including banks) involve time-consuming administrative processes that are subject to scrutiny and review and of course decisions. In an environment where there will be thousands or even tens of thousands of such requests, it's difficult to expect the administrative apparatus to be able to keep up, so these measures, if they come and are approved, will come too late for many.

The absolute winner in creating meaningless services is of course FINA (they're also a safe bet in normal circumstances), they created a website where you can sign up for some coronavirus economic measures. They are not an implementing body, they don't decide on anything, and with the information they collect for nothing known to them they do absolutely nothing but pass it on to the bank or institutions mentioned above. Why anyone would do this rather than contact their bank directly is totally unclear. The geniuses at FINA probably realised that they, too, needed to do something, even if it was something completely pointless. The mere impression of them doing something is everything.

On the other hand, the state is digitising ys radically, and now that contact with clients is a potentially dangerous task, suddenly, all at once, everything can be done via the Internet or by email. Let's just hope the team documents what it's doing, because later it won't be possible to unravel what happened once something does come to a halt.

Thought of the day:
When faced with a radical crisis, when the old way of being in the world, of interacting with each other and with the realm of nature doesn’t work anymore, when survival is threatened by seemingly insurmountable problems, an individual life-form — or a species — will either die or become extinct or rise above the limitations of its condition through an evolutionary leap.

This text was written by Marko Rakar, was first published on, and was translated from Croatian into English by Lauren Simmonds

For more on coronavirus in Croatia, follow our dedicated section.

Tuesday, 6 August 2019

Marko Rakar on Croatian Politics, Presidential Candidates, Transparency (VIDEO INTERVIEW)

August 6, 2019 - TCN caught up with leading Croatian political consultant Marko Rakar for a  video interview on a range of topics about Croatia today.

He was the President of the European Association of Political Consultants until 2018, named in the world's top 100 most influential political professionals by Washington COMSOL in 2017, and a data architect whose biggest achievement perhaps was the successful removal of 800,000 fraudulent names from the Croatian electoral roll (in a country of just over 4 million people). 

TCN visited Marko Rakar in his office in Zagreb today to discuss a range of issues, including the current state of the Croatian government, the candidates for the upcoming Presidential election, transparency and digitalisation, Croatia after 6 years in the EU, and seeds of hope and change in modern Croatia. 

You can watch the interview in full in the video below.

Friday, 18 May 2018

Asylum Podcast with Borna Sor: Marko Rakar, Political Consultant and Exposer of Electoral Fraud

May 18, 2018 - Continuing the new TCN podcast, Asylum - Voices from Croatia, the Diaspora and Beyonda with Borna Sor, next up the Man with the Data, political consultant Marko Rakar, whose work exposing some of the weaknesses and corruption in Croatia's systems has had remarkable results. 

Monday, 3 July 2017

Marko Rakar: Elections Have Positive Effect on Economy

A contrarian view on government spending on parliamentary elections.