{"id":72064,"date":"2025-09-23T10:12:23","date_gmt":"2025-09-23T08:12:23","guid":{"rendered":"https:\/\/zuniclaw.com\/sajber-bezbednost-stit-koji-cuva-vase-poslovanje\/"},"modified":"2025-09-30T13:58:21","modified_gmt":"2025-09-30T11:58:21","slug":"cybersecurity","status":"publish","type":"post","link":"https:\/\/zuniclaw.com\/en\/cybersecurity\/","title":{"rendered":"Cybersecurity \u2013 a Shield That Protects Your Business"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"72064\" class=\"elementor elementor-72064 elementor-72041\" data-elementor-post-type=\"post\">\n\t\t\t\t<div class=\"elementor-element elementor-element-059d8cd e-flex e-con-boxed e-con e-parent\" data-id=\"059d8cd\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-ebaad5a elementor-widget elementor-widget-text-editor\" data-id=\"ebaad5a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Cybersecurity is no longer an optional aspect of doing business, but a necessary precondition for safeguarding data, ensuring business continuity, and maintaining legal certainty. Modern companies, institutions, and organizations heavily rely on digital systems\u2014not only for data storage, but also for carrying out everyday operations. However, this very digital dependence opens the door to various forms of abuse and cyberattacks.<\/p><p>In practice, incidents such as unauthorized access to systems, customer data leaks, service outages, or phishing scams are no longer uncommon. The domestic landscape has not been spared from major cyberattacks either. According to <a href=\"https:\/\/www.cert.rs\/rs\/izvestaji.html\" target=\"_blank\" rel=\"noopener\">the 2024 report of the National CERT<\/a>, more than 100 million security incidents were recorded within the monitoring of ICT systems of special importance.<\/p><p>Among the most exposed sectors are <strong>digital infrastructure<\/strong> and <strong>information society services<\/strong>, with a total of 8,545,368 and 8,533,170 incidents reported, respectively.<\/p><p>The most frequent types of incidents included:<\/p><ul><li><strong>Port scanning<\/strong> \u2013 automated attempts by attackers to identify open entry points in systems,<\/li><li><strong>Exploitation of vulnerabilities<\/strong> \u2013 taking advantage of security flaws in software and systems,<\/li><li><strong>Credential theft attempts<\/strong> \u2013 including brute-force attacks and fake login pages.<\/li><\/ul><p>\u00a0<\/p><p>This clearly demonstrates the growing level of cyber risk in Serbia. These attacks range from extortion attempts and the spread of malware, to situations where employees, through negligence, grant access to confidential information. Such incidents not only bring reputational and operational consequences but also carry significant legal risks.<\/p><p>Inadequate protection of information systems can result in liability toward customers, partners, employees, and even regulatory authorities. For example, if a personal data breach occurs due to insufficient security measures, the data controller may be sanctioned under the <a href=\"https:\/\/zuniclaw.com\/en\/data-protection\/\">Law on Personal Data Protection<\/a>. A similar framework applies in the field of information technology, where obligations are defined by the <a href=\"https:\/\/zuniclaw.com\/en\/new-law-on-information-security\/\">Law on Information Security<\/a>. Moreover, recent legal developments increasingly introduce mandatory security standards, and non-compliance is treated not only as a technical failure but also as a misdemeanor\u2014or even as <a href=\"https:\/\/zuniclaw.com\/en\/law-on-personal-data-protection-serbia\/\">grounds for compensation claims<\/a>.<\/p><p>In addition, a significant number of attacks begin by exploiting the weaknesses of the human factor. Social engineering\u2014manipulating employees into unintentionally revealing confidential information or granting access to systems\u2014remains the most common attack method. No matter how strong the technical safeguards may be, they can be compromised with a single click on a malicious link, which clearly highlights the importance of employee training and a strong security culture within the organization.<\/p><p>Finally, current trends show that the costs of cyber incidents are steadily rising and that, in addition to technical solutions, organizational and legal safeguards are also essential. For this reason, it is crucial for every organization, regardless of its size, to understand the importance of preventive action and to implement measures that will protect it from the risks of the digital age.<\/p><p>\u00a0<\/p><h2>What protective measures are essential for effective cybersecurity?<\/h2><p>\u00a0<\/p><p>For information systems to be truly secure, it is necessary to apply a combination of different measures\u2014not only technical, but also organizational, personnel, and legal. This is not a single solution, but a comprehensive approach that covers every level: from infrastructure and software tools, through internal rules and employee responsibilities, all the way to contractual, regulatory, and insurance mechanisms.<\/p><p>Domestic regulations in the fields of <a href=\"https:\/\/zuniclaw.com\/en\/serbia-personal-data-protection-law\/\">data protection<\/a> and <a href=\"https:\/\/zuniclaw.com\/en\/new-law-on-information-security\/\">information security<\/a> clearly require organizations to ensure the security of their systems. This means implementing technical, organizational, and personnel measures that are tailored to the type of data being processed and the risks the organization faces.<\/p><p>This approach is also confirmed by European guidelines, such as <a href=\"https:\/\/www.enisa.europa.eu\/publications\/nis2-technical-implementation-guidance\" target=\"_blank\" rel=\"noopener\">the technical implementation guidance issued by ENISA<\/a>, which identifies key areas of security: from access control and employee training to incident management and business continuity planning. These guidelines were developed to support the practical implementation of the NIS2 Directive, and they provide organizations delivering digital services or operating critical activities with a clear framework for managing cyber risks.<\/p><p>In addition to technical and organizational aspects, legal mechanisms of protection play an equally important role. Even when a security incident occurs, well-structured confidentiality agreements, internal data protection policies, or cyber insurance can mitigate the consequences, enable a prompt response, and reduce the company\u2019s liability. This is why the legal aspect of protection should not be seen as an afterthought, but as an integral part of a comprehensive security strategy.<\/p><p>In the following sections, we present the most important technical, organizational, personnel, and legal measures of protection, along with practical examples, recommendations, and best practices. Particular emphasis is placed on legal mechanisms, which can provide organizations not only with better internal control but also with legal certainty in the event of incidents\u2014often a decisive factor in preserving both business continuity and reputation.<\/p><p>\u00a0<\/p><h3>Technical protection measures \u2013 the first line of defense against cyber threats<\/h3><p>\u00a0<\/p><p>Technical measures represent the first and most visible layer of protection within cybersecurity. However, their effectiveness depends not only on the quality of the solutions an organization uses, but also on how carefully those solutions are implemented, regularly updated, and tailored to specific risks. In other words, it is not enough to simply have \u201cantivirus software\u201d if it is not properly configured, updated, and monitored.<\/p><p>Technical measures cover a wide range of tools and practices. They start with the basics, such as antivirus programs and firewalls, and extend to more advanced solutions like data encryption, multi-factor authentication, and threat detection and response systems. Their purpose is to prevent intrusions, protect confidential data, preserve system integrity, and ensure rapid recovery in the event of an incident.<\/p><p>\u00a0<\/p><p><strong>Commonly used technical measures:<\/strong><\/p><ul><li><strong>Encryption<\/strong> \u2013 protects data even if it falls into the hands of unauthorized parties. Without the proper key, the information remains unreadable.<\/li><\/ul><ul><li><strong>Multi-factor authentication (MFA)<\/strong> \u2013 adds an extra layer of account protection, making unauthorized access more difficult even if passwords are compromised.<\/li><\/ul><ul><li><strong>Firewalls and antivirus software<\/strong> \u2013 the foundation of network and endpoint protection.<\/li><\/ul><ul><li><strong>EDR\/XDR systems<\/strong> \u2013 advanced tools for real-time detection of and response to intrusions.<\/li><\/ul><ul><li><strong>VPN and domain protection<\/strong> \u2013 secure access to networks and safeguarding the organization\u2019s online identity.<\/li><\/ul><ul><li><strong>Regular data backups<\/strong> \u2013 essential for fast recovery and business continuity after an incident.<\/li><\/ul><ul><li><strong>Penetration testing and vulnerability scanning<\/strong> \u2013 proactive methods for identifying weaknesses in systems.<\/li><\/ul><p>\u00a0<\/p><p>The absence of adequate technical measures can have serious consequences for a company, as illustrated by the following case: <em>Ransomware attack on the gaming industry \u2013 the Capcom incident.<\/em><\/p><p>In November 2020, Japanese company Capcom, a global leader in video game development (known for titles such as <em>Resident Evil<\/em> and <em>Street Fighter<\/em>), fell victim to a sophisticated ransomware attack. The attackers exploited an outdated VPN server at one of the company\u2019s branches to infiltrate the network, stealing around 1 terabyte of data and encrypting critical IT systems.<\/p><p>The ransom demand amounted to 11 million dollars, which Capcom, in cooperation with the authorities, refused to pay. As a result, the sensitive data of more than 15,000 individuals (employees, partners, and users) was published online. The incident forced the temporary shutdown of email servers and other systems, leading to significant reputational damage. Only after the attack did the company implement modern security measures such as SOC monitoring and EDR solutions, thereby increasing its resilience.<\/p><p>This case demonstrates that even technology giants are not immune to cyber threats and that prevention, up-to-date infrastructure, and legal resilience form the foundation of an effective incident response.<\/p><p>\u00a0<\/p><h3>Organizational and personnel measures \u2013 people and procedures as the cornerstone of system stability<\/h3><p><strong>\u00a0<\/strong><\/p><p>While technical measures are often seen as the core of cybersecurity, experience shows that it is the human factor and internal organizational weaknesses that most often open the door to attacks. No matter how sophisticated the technology, a single poor judgment, negligence in handling confidential data, or failure to react to a suspicious event can compromise the entire system.<\/p><p>This is why information security must not be viewed solely as the responsibility of the IT department, but rather as an integral part of organizational culture and business strategy.<\/p><p>\u00a0<\/p><p><strong>Key organizational and personnel measures<\/strong><\/p><ul><li><a href=\"https:\/\/zuniclaw.com\/en\/information-security-law\/\"><strong>Information security policies and procedures<\/strong><\/a> \u2013 formalized documents that clearly define system access rules, data classification and protection, as well as employee conduct in the event of an incident.<\/li><li><a href=\"https:\/\/zuniclaw.com\/en\/zunic-law-academy\/\"><strong>Employee training and awareness-raising<\/strong><\/a> \u2013 regular education of all staff about risks (e.g., phishing), how to recognize suspicious behavior, and rules for the secure use of company resources. Simulated attacks (e.g., test phishing emails) are particularly valuable.<\/li><li><a href=\"https:\/\/zuniclaw.com\/lice-za-zastitu-podataka-o-licnosti-dpo\/\"><strong>Personnel policy<\/strong><\/a> \u2013 background checks during recruitment (especially for positions with access to sensitive systems), inclusion of confidentiality clauses in employment contracts, as well as access control and rights management based on the \u201cleast privilege\u201d principle.<\/li><li><a href=\"https:\/\/zuniclaw.com\/en\/information-security-law\/\"><strong>Incident response plan<\/strong><\/a> \u2013 clearly defined procedures for reporting, handling, and documenting security incidents, along with defined responsibilities (e.g., a designated Incident Response Team).<\/li><li><strong>Access control and audit policy<\/strong> \u2013 regular review of user privileges, logging of activities, and maintaining records of access to sensitive data and systems.<\/li><\/ul><p>\u00a0<\/p><h3>\u00a0<\/h3><h3>Legal perspective: ensuring the sustainability of security measures<\/h3><p><strong>\u00a0<\/strong><\/p><p>Organizational and personnel measures in the field of cybersecurity require <strong>not only operational, but also<\/strong> <strong>legal attention<\/strong>. Establishing security policies, setting out employee obligations, and regulating relationships with external partners must be based on clear, precise, and enforceable documentation.<\/p><p>The necessity of proper organizational and personnel measures is best illustrated by a real-life case in which a \u201csingle wrong click\u201d paralyzed a hospital system in the United States.<\/p><p>In May 2024, one careless click by an employee in the American healthcare system, Ascension\u2014a network of around 140 hospitals\u2014was enough to trigger a ransomware attack with serious consequences. A malicious email attachment gave attackers access to the internal network, leading to the compromise of critical servers and systems.<\/p><p>Electronic patient records, diagnostic platforms, and other digital services became unavailable, forcing medical staff to switch to manual record-keeping, which further endangered the treatment process and patient safety.<\/p><p>This case clearly shows that technology alone is not enough\u2014continuous employee training, the implementation of accountability policies, and incident response planning are all essential to ensure threats are detected and contained before they cause serious disruption.<\/p><p><a href=\"https:\/\/zuniclaw.com\/en\/data-protection\/\">The expert team at <strong>Zunic Law<\/strong><\/a> assists clients in:<\/p><ul><li>drafting or revising internal information security policies,<\/li><li>properly formulating data protection and liability clauses in employment contracts or agreements with external partners,<\/li><li>aligning internal documentation with the <strong>Law on Personal Data Protection<\/strong> and IT regulations.<\/li><\/ul><p>\u00a0<\/p><p>In this way, companies obtain a <strong>legal framework that supports their technical and organizational measures<\/strong>, thereby strengthening their overall resilience to risks.<\/p><p>\u00a0<\/p><h2>Legal protection mechanisms: contracts, trade secrets, and insurance<\/h2><p><strong>\u00a0<\/strong><\/p><p>Although often overlooked in the context of cybersecurity, <strong>legal mechanisms represent a crucial layer of protection<\/strong>\u2014not only for prevention, but also for effectively managing the consequences of incidents. Contracts, internal acts, and insurance form the foundation for clearly defining responsibilities, obligations, and legal consequences in the event of an information security breach.<\/p><p>\u00a0<\/p><h3 style=\"padding-left: 40px;\">A) Contractual obligations \u2013 protection through business relationships<\/h3><p>\u00a0<\/p><p>Every organization should ensure that its contracts with employees, external partners, and IT vendors include clauses covering:<\/p><ul><li>obligations related to the protection of confidential data, including the prohibition of unauthorized access and use,<\/li><li>incident notification clauses \u2013 clear rules on reporting security incidents,<\/li><\/ul><ul><li>precisely defined liability for damages arising from information system breaches.<\/li><\/ul><p>\u00a0<\/p><p>For example, contracts with IT providers and cloud services should contain clear SLA (Service Level Agreement) clauses regulating response times to incidents, the scope of support, and the security standards the provider must meet.<\/p><p style=\"padding-left: 40px;\">Imagine Company A, a domestic IT provider, engaged by international Company B to deliver cloud hosting for an e-commerce platform. Over a weekend, the platform was hit by a major DDoS attack, leaving the client\u2019s system unavailable for several hours, which resulted in financial losses and threats of contract termination.<\/p><p style=\"padding-left: 40px;\">In such a case, the key safeguard would be an SLA clearly defining the maximum response time, the obligation to promptly notify the client, and the exact scope of support the provider must deliver. If these obligations are fulfilled, the provider can demonstrate compliance with the contract and protect itself from unfounded compensation claims.<\/p><p style=\"padding-left: 40px;\">By contrast, without an SLA\u2014or with one that is vague or incomplete\u2014the provider would be in a far weaker position. In that situation, the burden of liability could fall entirely on them, with no contractual limitation or protection, significantly increasing not only financial risks but also reputational damage.<\/p><p>\u00a0<\/p><h4>Case study: <em>Petya\/NotPetya \u2013 when an update becomes a weapon<\/em><\/h4><p>\u00a0<\/p><p>In June 2017, a global cyberattack broke out with the ransomware virus Petya. It was later determined, however, that this was in fact a sophisticated, destructive malware\u2014NotPetya\u2014whose real aim was not ransom, but the deletion of data and the disabling of systems.<\/p><p>The malware spread through a compromised update of the Ukrainian accounting software M.E.Doc, exploiting a weakness in the supply chain. Many organizations, believing it was a legitimate update, installed the software without suspicion\u2014allowing the malicious code to spread quickly and widely.<\/p><p>The attack had global repercussions, striking multinational companies such as Maersk, Merck, and FedEx, and causing damages measured in the billions of dollars. Although users initially believed it was a typical ransomware attack, subsequent technical analyses showed that there was no way to recover the encrypted data. This reclassified the incident as an act of digital sabotage rather than extortion.<\/p><p>This case demonstrates the importance not only of strong technical safeguards but also of <strong>contractually regulated relationships with software vendors<\/strong>, with clearly defined security standards and obligations\u2014since even legitimate supply chains can become the entry point for a serious incident.<\/p><p>\u00a0<\/p><h3>b) Confidentiality and trade secrets \u2013 controlling access through contractual obligations<\/h3><p><strong>\u00a0<\/strong><\/p><p>In today\u2019s digital environment, where access to data is often granted to different categories of individuals\u2014from employees and external collaborators to subcontractors, partners, and IT service providers\u2014<strong>legally regulated confidentiality<\/strong> is one of the cornerstones of cybersecurity. Technical safeguards may be robust, but if information \u201cleaks\u201d through poorly defined contractual relationships, the consequences for a company can be severe\u2014reputational, legal, and financial.<\/p><p>This is why implementing <a href=\"https:\/\/zuniclaw.com\/en\/non-disclosure-agreements\/\"><strong>non-disclosure agreements (NDAs)<\/strong><\/a> is an indispensable step in data protection, especially in sectors that rely on digital services, software, IT development, and the processing of sensitive information.<\/p><p>Practice shows that it is crucial to distinguish between several categories of contractual relationships that require tailored NDA arrangements:<\/p><ul><li><strong>IT sector and digital solution development<\/strong> \u2013 In the context of digital services and software development, it is particularly important to regulate access to source code, system architecture, databases, and internal technical specifications. In such cases, NDA clauses are often part of broader IT contracts, but they can also be standalone documents that clearly set the boundaries of use, the obligation to maintain confidentiality, and the prohibition of disclosing technical information.<\/li><li><strong>External collaborators and contractors<\/strong> \u2013 Freelancers, consultants, and specialized vendors often have limited-term but deep access to an organization\u2019s systems. Here, it is especially important to define by contract <a href=\"https:\/\/zuniclaw.com\/en\/independent-contractor-nda\/\"><strong>what constitutes confidential information<\/strong><\/a><strong>, how it must be protected during and after the engagement, and the consequences of breaching confidentiality<\/strong>. Such agreements provide a clear framework in situations where there is no standard employment relationship, but a high level of trust is required.<\/li><li><strong>Employees with access to sensitive information<\/strong> \u2013 Employment contracts should include specific confidentiality clauses, particularly when employees have access to customer data, internal analyses, development plans, or system-level privileges. <a href=\"https:\/\/zuniclaw.com\/en\/nda-with-employees\/\"><strong>NDAs with employees<\/strong><\/a> allow the company, in the event of an incident or data leak, to clearly identify the breach of obligation and seek accountability\u2014whether the breach was intentional or due to negligence.<\/li><\/ul><p>\u00a0<\/p><p>In all these scenarios, carefully structured confidentiality agreements not only help prevent risks but also serve as critical evidence in the event of a <a href=\"https:\/\/zuniclaw.com\/en\/dispute-resolution\/\">dispute<\/a> and as a strong internal control mechanism.<\/p><p>\u00a0<\/p><h3>c) Cyber insurance \u2013 a mechanism for mitigating the consequences of attacks<\/h3><p><strong>\u00a0<\/strong><\/p><p>No matter how carefully technical, organizational, and legal measures are designed, no system is completely immune to cyber incidents. For this reason, more and more organizations are turning to an additional layer of protection\u2014<strong>cyber insurance<\/strong>, which helps reduce the harmful consequences of an attack, whether financial, reputational, or legal.<\/p><p>Cyber insurance policies may cover:<\/p><ul><li>the costs of investigation and recovery (including digital forensics),<\/li><li>business interruption and revenue loss resulting from the attack,<\/li><li>liability to third parties\u2014including compensation for clients whose data was compromised,<\/li><li>legal expenses and regulatory fines (e.g., in cases of personal data breaches),<\/li><li>as well as ransom payments demanded in<em> ransomware<\/em> attacks.<\/li><\/ul><p>\u00a0<\/p><p>However, coverage for ransom payments can also have negative side effects. If insurance includes ransom payments, attackers may be more likely to target such organizations, expecting that they will agree to pay more easily. This aspect, therefore, requires careful strategic consideration when negotiating cyber insurance policies and defining the scope of coverage.<\/p><p>That is why it is recommended that organizations include this form of protection as part of a broader cybersecurity strategy, with legal support during the process of reviewing and negotiating terms with the insurer. Well-drafted policy conditions, aligned with the organization\u2019s legal obligations, can be critical at the moment an incident occurs.<\/p><p>\u00a0<\/p><h2>ISO standards \u2013 aligning operational measures and legal obligations<\/h2><p><strong>\u00a0<\/strong><\/p><p>ISO standards in the field of information security (most notably ISO 27001) provide an internationally recognized framework for establishing an information security management system (ISMS). Their role is to give organizations clear rules, procedures, and records so that security becomes part of everyday business operations, not just a collection of technical tools.<\/p><p>In practice, ISO standards cover:<\/p><ul><li>defining data protection policies and procedures (who has access rights, how information is stored and classified, how backup and recovery are organized),<\/li><li>risk management and keeping records of the measures applied,<\/li><li>clearly assigning roles and responsibilities to employees in the event of security incidents,<\/li><li>ensuring continuous review and improvement of existing measures, along with employee training.<\/li><\/ul><p>\u00a0<\/p><p>\u00a0<\/p><h3>Why ISO standards matter for business<\/h3><p>\u00a0<\/p><p>ISO frameworks significantly simplify the process of demonstrating that an organization has implemented \u201creasonable protection.\u201d In business relations, this means that a company can more easily:<\/p><ul><li>respond to security questionnaires and audits from potential partners,<\/li><li>prove compliance with regulatory requirements,<\/li><li>meet contractual obligations toward clients and vendors (e.g., through SLAs \u2013 Service Level Agreements and DPAs \u2013 Data Processing Agreements).<\/li><\/ul><p>\u00a0<\/p><p>In this way, ISO standards serve as a bridge between technical and organizational measures on the one hand, and legal and contractual obligations on the other. As a result, organizations enhance their level of cybersecurity and gain a verifiable framework that facilitates cooperation with clients, partners, and regulators.<\/p><p>\u00a0<\/p><h2>Cybersecurity as a strategic priority<\/h2><p><strong>\u00a0<\/strong><\/p><p>Cybersecurity is no longer a matter of choice\u2014it is a necessity. In an era where digital systems form the backbone of business, the question is not <em>if an attack will happen, but when and how an organization will respond<\/em>. A combination of technical, organizational, and legal measures not only protects data and infrastructure but also demonstrates the maturity and accountability of a business toward its clients, partners, and regulators.<\/p><p>Security is not built on technology alone\u2014it is established through rules, contracts, training, response plans, and strategic preparation. This is why engaging experts who understand both the IT and legal frameworks is essential, not only for prevention but also for effective incident management.<\/p><p>In today\u2019s digital reality, where every weakness can become a target, implementing strong protective mechanisms in a timely manner is the only sustainable strategy.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Cybersecurity is no longer an optional aspect of doing business, but a necessary precondition for safeguarding data, ensuring business continuity, and maintaining legal certainty. Modern companies, institutions, and organizations heavily rely on digital systems\u2014not only for data storage, but also for carrying out everyday operations. However, this very digital dependence opens the door to various [&hellip;]<\/p>\n","protected":false},"author":27,"featured_media":72062,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[219,126,110],"class_list":["post-72064","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyber-law","category-privacy-data-protection-en","category-information-technology-en"],"_links":{"self":[{"href":"https:\/\/zuniclaw.com\/en\/wp-json\/wp\/v2\/posts\/72064","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zuniclaw.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zuniclaw.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zuniclaw.com\/en\/wp-json\/wp\/v2\/users\/27"}],"replies":[{"embeddable":true,"href":"https:\/\/zuniclaw.com\/en\/wp-json\/wp\/v2\/comments?post=72064"}],"version-history":[{"count":7,"href":"https:\/\/zuniclaw.com\/en\/wp-json\/wp\/v2\/posts\/72064\/revisions"}],"predecessor-version":[{"id":72080,"href":"https:\/\/zuniclaw.com\/en\/wp-json\/wp\/v2\/posts\/72064\/revisions\/72080"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/zuniclaw.com\/en\/wp-json\/wp\/v2\/media\/72062"}],"wp:attachment":[{"href":"https:\/\/zuniclaw.com\/en\/wp-json\/wp\/v2\/media?parent=72064"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zuniclaw.com\/en\/wp-json\/wp\/v2\/categories?post=72064"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}