Czech Republic

(a) What is the NIS2 implementation status?

A draft proposal for a new act on cybersecurity has been drawn up, but the formal legislative process has not yet commenced.

(b) What is the envisaged NIS2 implementation timeline?

Implementation by October 2024.

(c) What does the NIS2 mean for other national cybersecurity legislation?

We anticipate a complete overhaul of existing cybersecurity laws, leading to more regulated entities, enhanced supply chain security, and a corresponding matrix of responsibilities.

(d) Who will be the supervisory authority and how are they preparing the market?

National Cyber and Information Security Agency (NÚKIB) will continue to serve as the supervisory authority for cybersecurity. You can find more information about NÚKIB on their website: NÚKIB Website. NÚKIB has also established a dedicated NIS-2 website to offer clear and comprehensive insights into how the Directive will be translated into national legislation.

(e) What should you be doing/on the lookout for?

Clients should assess whether the new obligations under NIS2 are applicable to them through national legislation. If so, it is advisable to consult with cybersecurity experts and legal professionals to conduct audits and evaluate compliance with NIS2 standards. This process should encompass:

  • Analysis of the impact of NIS2 on the organization and determination of the scope of cybersecurity management.
  • Gap analysis of the current state of cybersecurity and information security.
  • Legal review of contracts and other legal documents, particularly in relation to the public sector.

Contact

Bořivoj Líbal E: borivoj.libal@eversheds-sutherland.cz

Jaroslav Tajbr E: jaroslav.tajbr@eversheds-sutherland.cz

Compare NIS2 implementation across other EU member states

Compare now

Other Resources

Eversheds Sutherland NIS2 Directive hub

Visit webpage

Whitepaper: Everything you need to know about the NIS2 Directive

Read the whitepaper

Webinar: One year to go until the EU NIS2 Directive

Watch the webinar

Article: Focus on the NIS2 directive

Read the summary briefing

© Eversheds Sutherland. All rights reserved. Eversheds Sutherland is a global provider of legal and other services operating through various separate and distinct legal entities. Eversheds Sutherland is the name and brand under which the members of Eversheds Sutherland Limited (Eversheds Sutherland (International) LLP and Eversheds Sutherland (US) LLP) and their respective controlled, managed and affiliated firms and the members of Eversheds Sutherland (Europe) Limited (each an "Eversheds Sutherland Entity" and together the "Eversheds Sutherland Entities") provide legal or other services to clients around the world. Eversheds Sutherland Entities are constituted and regulated in accordance with relevant local regulatory and legal requirements and operate in accordance with their locally registered names. The use of the name Eversheds Sutherland, is for description purposes only and does not imply that the Eversheds Sutherland Entities are in a partnership or are part of a global LLP. The responsibility for the provision of services to the client is defined in the terms of engagement between the instructed firm and the client.

Share this page