Menu

The new law on cyber security: what does it bring and when will it come into force?

1 min

On 4 August 2025, a new Act No.264/2025 Coll., on Cyber Security, was published in the Collection of Laws, which comes into force on 1 November 2025.

This Act represents a major step in the field of cyber protection and also implements the European NIS2 Directive into the Czech legal system.

What does the law mean for companies and organisations?

The new legislation will affect a significantly wider range of entities than the existing 2014 law, regulating organisations operating in key sectors such as energy, healthcare, ICT, transport, food, public administration, and others. The Act introduces two regimes of obligations - higher and lower - depending on the importance of the services provided.

The main obligations of regulated entities include:

  • implementing security measures,
  • announcement of services provided and contact persons,
  • reporting cyber incidents within 24 hours,
  • cooperation with NUCIB and compliance with its countermeasures

The NIS2 Directive: a European framework for cyber security

The NIS2 Directive, which was adopted at EU level in 2023, aims to harmonise the level of cyber security across Member States. It introduces stricter rules on risk management, incident reporting, management accountability and penalties of up to €10 million or 2% of global turnover.

How are the other EU countries doing?

By mid-2025, 16 EU and EEA Member States had fully implemented the NIS2 Directive, while the others are in the preparation or legislative process. The Czech Republic is one of the countries with ongoing implementation, see the above-described validity of the ZoKB from November 2025. Countries that have already adopted measures include Belgium, Finland, Denmark, Cyprus, Italy, Lithuania and Malta, while countries such as Germany, France, Sweden, Austria, Spain and the Netherlands, among others, are in the preparation phase.

In this context, the European Commission has already called on Member States that have not yet adopted the Directive to do so as soon as possible.

What else to read

See more news from the world of IT and ITS

What will the NIS2 directive bring and are Czech companies ready for it?

Looking for a partner for your IT?

Do not hesitate to contact us.

Michal Šon

Michal Šon

Director of Key Accounts

Anna Říhová

Anna Říhová

Business Development Manager

Jan Šafrata

Jan Šafrata

Business Development Manager

Sign up for our newsletter