National Cyber and Information Security Agency

When a cybersecurity incident (CSI) is reported, members of the government’s expert team are prepared to provide technical assistance, including suggesting further preventive measures. If it is discovered that an incident has targeted multiple entities, they are prepared to coordinate a common approach to a solution. If you report an incident that does not fall into the authority of the government team (CII, IIS, ES), we will ensure its transfer to the relevant security team.

The timely reporting of an incident does not primarily lead to sending an oversight team to your organization nor to levy fines, but only to record, analyse, and possibly offer our support. We welcome any reports of security incidents on any of your systems including those that do not fall into the CII, IIS a ES categories.

To report a CSI, we recommend using the process described in paragraph 32 of regulation #82/2018 Coll. about security measures, cybersecurity incidents, reactive measures, requirements for filing in the area of cybersecurity, and destruction of data (the Cybersecurity Regulation).

Form

Please download and complete the electronic form (editable PDF) to report a CSI. After all information has been provided, please send the file by:

The National Cyber and Information Security Agency (NUKIB) e-mail: cert.incident@nukib.cz.
We recommend PGP encryption for more secure and trustworthy communication. Learn details about how to use PGP here. The subject should include the type of incident (i.e. DDoS, phishing, ransomware, etc.) for easier sorting of incidents among individual analysts,
NUKIB data box ID: zzfnkp3

Data interface (XML format for incident reporting)

This format can be used to send all the necessary details of the incident in XML format or it can be implemented into a proprietary application for reporting cybersecurity incidents and events. This is a valid equivalent to the above form. Learn more information about the format, including a specific example of a fictious incident and the option of downloading it here.

By phone

In case of a sudden emergency situation where time is of the essence, you can call the GovCERT.CZ during working hours at +420 541 110 777. Outside standard working hours, use +420 725 502 878.

GovCERT.CZ respects the privacy of all people and institutions who contact us, and we consider all reported incidents to be confidential information.

News

NÚKIB Representatives Co-Organized a Cyber Security Exercise in Albania

On 3 April 2024, a cyber exercise was held in Tirana, Albania, which was designed as an interactive, non-technical tabletop exercise aimed at high-level decision-makers, including security and strategic communication experts. The National Cyber and Information Security Agency (NÚKIB) was represented by Irena Adler Pavelková and Miroslava Čavojská from the Exercise Unit, who were directly involved in the preparation of the exercise scenario, its presentation, and moderation of the discussion among the participants. The exercise was organized within the framework of the EU Cybersecurity Capacity Building in the Western Balkans, which the Estonian governmental organization e-Governance Academy led in cooperation with the Dutch non-profit organization CILC.

In collaboration with colleagues from the Albanian National Authority for Electronic Certification and Cyber Security (AKCESK), a scenario was prepared for participants from various government institutions and bank representatives, including the Bank of Albania. The scenario focused on the escalating cyber crisis in the banking sector and highlighted the multidimensional nature of cyber threats. One of the objectives of the simulation was to discuss Albania's new cybersecurity legislation and to focus on cooperation and crisis communication between the institutions involved. The cyber exercise was also attended by the Deputy Prime Minister of Albania, Bellinda Balluku, who expressed her support for the project while emphasizing the importance of cyber security and increasing the resilience of the whole society in cyberspace.

Celá zpráva 2024-04-09

Incident Reporting

Form

Data interface (XML format for incident reporting)

By phone