New Czech Cybersecurity Act is effective
Contacts
Partner
Czech Republic
I enjoy working with innovative, creative and technology-rich businesses. Having joined our firm in 2009, I head up our Intellectual Property and Tech & Comms Groups in the Czech Republic and Slovakia.
Associate
Czech Republic
I am a junior associate based in our Prague office, focusing on Privacy and Data Protection and Intellectual Property Law.
Related
Practices
Sectors
- Automotive
- Aviation & Aerospace
- Defence & Security
- Energy & Utilities
- Financial Services
- Life Sciences and Healthcare
- Media, Entertainment and Sport
- Retail and Consumer
- Technology & Communications
Trending Topics
Regions
Countries
Offices
On November 1, 2025, a new Cybersecurity Act (the "Cybersecurity Act") has come into effect. The Cybersecurity Act implements the Directive (EU) 2022/2555 (the "NIS2 Directive"). The Cybersecurity Act significantly expands the number of regulated sectors and services. Experts anticipate that the Cybersecurity Act will affect 10 to 20 thousand private and public entities.
What to do?
By December 31, 2025, organizations need to
self-assess whether the Cybersecurity Act applies to them and
notify their regulated services to the National Cyber and Information Security Agency ("NÚKIB").
Considering the complexity of the self-assessment and the end-year rush, we recommend that all entities involved in the regulated sectors start preparing as soon as possible to comply with the new requirements.
Navigating the new requirements may be complex, but early preparation can make all the difference.
Latest insights
More Insights
Italy: Regulating Tourist Retail - How Venice and Other European Cities are Rewriting the Rules of the Historic Centre
7 minutes Jan 07 2026
New obligations applicable to consumers' right of withdrawal in France
2 minutes Jan 07 2026
Space and Satellite wrap up - Legal and regulatory developments in 2025
8 minutes Jan 07 2026