New Czech Cybersecurity Act is effective
Contacts
Partner
Czech Republic
I enjoy working with innovative, creative and technology-rich businesses. Having joined our firm in 2009, I head up our Intellectual Property and Tech & Comms Groups in the Czech Republic and Slovakia.
Associate
Czech Republic
I am a junior associate based in our Prague office, focusing on Privacy and Data Protection and Intellectual Property Law.
Related
Practices
Sectors
- Automotive
- Aviation & Aerospace
- Defence & Security
- Energy & Utilities
- Financial Services
- Life Sciences and Healthcare
- Media, Entertainment and Sport
- Retail and Consumer
- Technology & Communications
Trending Topics
Regions
Countries
Offices
On November 1, 2025, a new Cybersecurity Act (the "Cybersecurity Act") has come into effect. The Cybersecurity Act implements the Directive (EU) 2022/2555 (the "NIS2 Directive"). The Cybersecurity Act significantly expands the number of regulated sectors and services. Experts anticipate that the Cybersecurity Act will affect 10 to 20 thousand private and public entities.
What to do?
By December 31, 2025, organizations need to
self-assess whether the Cybersecurity Act applies to them and
notify their regulated services to the National Cyber and Information Security Agency ("NÚKIB").
Considering the complexity of the self-assessment and the end-year rush, we recommend that all entities involved in the regulated sectors start preparing as soon as possible to comply with the new requirements.
Navigating the new requirements may be complex, but early preparation can make all the difference.
Latest insights
More Insights
UK digital regulatory outlook for 2026 -Telecoms, Online Safety, Spectrum and Space
4 minutes Dec 09 2025
Australia Moves to Introduce Orphan Works Copyright Scheme: What It Means for Creative Industries and AI Training
3 minutes Dec 09 2025
China Cybersecurity and Data Protection: Monthly Update – November 2025 Issue
20 minutes Dec 09 2025