The new Cybersecurity Act fundamentally transforms the functioning of Czech organizations and establishes a unified regulatory framework for thousands of newly regulated entities. This presentation demonstrates how the entire ecosystem has shifted from dozens of obligated entities to thousands and, according to this, highlights the role of the NÚKIB Portal as a central tool for reporting, registration, and communication. It shares initial implementation experiences, trends in registrations and practical insights from inquiries which are gradually evolving from uncertainty (“Do we fall under the regulation?”) to more practical concerns (“How do we comply correctly?”). The presentation clearly explains obligations and the implementation of requirements, the principle of proportionality, key organizational and technical obligations, as well as the new incident reporting system. It will also outline situations in which the state may intervene through alerts, warnings, or reactive countermeasures. The aim of the presentation is to provide a practical guide on how to adapt to the new legislation, avoid common mistakes, and leverage initial experience to build genuine cyber resilience.

He specializes primarily in information security management, crisis management, the protection of critical information and communication systems of the state together with related regulatory matters.

He has been professionally engaged in the field of cybersecurity and information protection since 2014. At the National Security Authority, he contributed to the development of the first Cybersecurity Act and was involved in the establishment of the National Cyber and Information Security Agency.

Within the National Cyber and Information Security Agency, he has held several positions and has been serving as Director of the Regulation Department since 2018. His main responsibilities include the implementation and oversight of the Cybersecurity Act, the development of regulatory requirements together with the preparation of legislation and security standards in the field of cybersecurity.

In addition, he has been cooperating for several years as an external lecturer with universities and other educational institutions. In addition, he delivers lectures on cybersecurity at professional conferences.