National Cyber and Information Security Agency

September 24, 2021	Regulation of the Use of Cloud Computing by Public Authority in the Czech Republic. Available to download here.
August 24, 2021	The Decree No 316/2021 Coll. on some requirements for incorporation into the cloud computing catalogue. The English translation can be downloaded here.
August 24, 2021	The Decree No 315/2021 Coll. on on security levels for the use of cloud computing by public authorities. The English translation can be downloaded here.
May 21, 2018	The Decree No 82/2018 Coll. on Security Measures, Cybersecurity Incidents, Reactive Measures, Cybersecurity Reporting Requirements, and Data Disposal (the Cybersecurity Decree). The English translation can be downloaded here.
December 8, 2017	The Decree No 437/2017 Coll. on the criteria for the determination of an operator of essential service came into force. The English translation can be downloaded here.
August 06, 2022	The amendment of the Act No 181/2014 Coll. on Cyber Security. The English translation of the amended Act can be downloaded here.
July 1, 2016	The amendment of the Decree No 317/2014 Coll. on important information systems and their determination criteria takes effect. The English translation can be downloaded here.
January 1, 2015	The Act No 181/2014 Coll. on Cyber Security takes effect together with implementing regulations.
December 19, 2014	On 19 December 2014 the regulations implementing the Act No 181/2014 Coll. on Cyber Security and change of related acts were published in the Collection of Laws: Decree No 316/2014 Coll. on Security Measures, Cyber Security Incidents and Reactive Measures ("Cyber Security Regulation"). Decree No 317/2014 Coll. on Important Information Systems and their Determination Criteria. Governmental order No 315/2014 Coll. which amends the Governmental order No 432/2010 Coll. on the Criteria for the Identification of a Critical Infrastructure Element.
August 29, 2014	The Act No 181/2014 Coll. on Cyber Security and change of related acts (Act on Cyber Security) has been published in the Collection of Laws on August 29, 2014. It will take effect on January 1, 2015.
August 13, 2014	The president of the Czech Republic Mr Miloš Zeman signed The Act on Cyber Security and change of related acts ("Act on Cyber Security"). The Act on Cyber Security will come into force on the day of publication in the Collection of Laws and will take effect on 1st January 2015.
July 23, 2014	The Senate of the Parliament of the Czech Republic adopted The Act on Cyber Security and change of related acts on July 23, 2014. The Act proposal will be now forwarded to the president of the Czech Republic for signature. The legislative text adopted by the Senate is available to download here.
June 18, 2014	The chamber of deputies of the Parliament of the Czech Republic adopted The Act on Cyber Security and change of related acts in 3rd reading on the 18th June 2014. The Act proposal will be now forwarded to the Senate of the Parliament of the Czech Republic for further hearings and adoption.
January 3, 2014	The Government of the Czech Republic approved on Thursday, January 2, 2014 the draft of The Act on Cyber Security and change of related acts ("Act on Cyber Security"). The draft of the Act was prepared and introduced by the National Security Authority. The draft of the Act will be introduced for further legislative negotiations to the Parliament of the Czech Republic.
June 28, 2013	The National Security Authority introduced on the 28th June 2013 to the Government of the Czech Republic the Act on Cyber Security and change of related acts (hereinafter referred to as the "Act on Cyber Security"). The draft of the Act can be downloaded here. The Act will now be addressed by the working committees of the Legislative Council of the Government and then the draft will be debated by the Government.
April 15, 2013	On the 15th April 2013, the NSA sent the draft of the Act on Cyber Security to the inter-ministerial consultation procedure (draft of the Act can be downloaded here). The NSA prepared a draft of the Act on Cyber Security on the basis of the Decision of the Government of the Czech Republic No 382 of 30 May 2012.The draft was created by an expert committee headed by the NSA and composed of representatives of the Ministry of Interior, Ministry of Defense, Czech Telecommunication Office and other relevant institutions. At the beginning of 2013, the NSA consulted the draft for two months with the expert public. The Act on Cyber Security is "based" on two principles and three pillars. The first principle is to minimize the interference with the rights of private persons; the second is the principle of individual responsibility for the security of respective information systems. The three pillars are as follows: 1. Security measures (standardization), 2. Cyber security incidents notice, 3. Countermeasures, it means response to incidents. The draft of the Act allows for two supervisory units - national and governmental. National CSIRT is meant for private and academic sectors, Governmental CERT for state institutions and critical information infrastructure. After the completion of the evaluation of the consultation procedure, the NSA plans to submit to the Government of the Czech Republic the Act on Cyber Security, including the draft of implementing regulations, for approval, at the end of June this year.
May 30, 2012	Since October 2011, the NSA has prepared a legislative intent of the Act, which was approved by the Decision of the Government of the Czech Republic No 382 of 30 May 2012. The approval will be followed by a period of consultations of particular expert issues. Work on paragraph wording of the Act will last until mid-2013.
October 19, 2011	In its Decision No 781 of 19 October 2011, the Government of the Czech Republic established the NSA to be the body responsible for cyber security and the national authority in this field. The Government approved the establishment of the National Cyber Security Centre as a part of the NSA. It also established the Cyber Security Council. The National Cyber Security Center as a part of the NSA is obliged to create a new Act on Cyber Security.

News

NÚKIB Representatives Co-Organized a Cyber Security Exercise in Albania

On 3 April 2024, a cyber exercise was held in Tirana, Albania, which was designed as an interactive, non-technical tabletop exercise aimed at high-level decision-makers, including security and strategic communication experts. The National Cyber and Information Security Agency (NÚKIB) was represented by Irena Adler Pavelková and Miroslava Čavojská from the Exercise Unit, who were directly involved in the preparation of the exercise scenario, its presentation, and moderation of the discussion among the participants. The exercise was organized within the framework of the EU Cybersecurity Capacity Building in the Western Balkans, which the Estonian governmental organization e-Governance Academy led in cooperation with the Dutch non-profit organization CILC.

In collaboration with colleagues from the Albanian National Authority for Electronic Certification and Cyber Security (AKCESK), a scenario was prepared for participants from various government institutions and bank representatives, including the Bank of Albania. The scenario focused on the escalating cyber crisis in the banking sector and highlighted the multidimensional nature of cyber threats. One of the objectives of the simulation was to discuss Albania's new cybersecurity legislation and to focus on cooperation and crisis communication between the institutions involved. The cyber exercise was also attended by the Deputy Prime Minister of Albania, Bellinda Balluku, who expressed her support for the project while emphasizing the importance of cyber security and increasing the resilience of the whole society in cyberspace.

Celá zpráva 2024-04-09

Legislation