The Senate of the Parliament of the Czech Republic adopted a new law on cyber security, which aims to increase the protection of the state against potential threats arising from dangerous technologies. This step, implemented together with associated amendments to related legislation, advances Czech legislation in the fight against cyber risks.

Once passed, the law now awaits the president's signature, after which it will offer new tools for regulating technology and overseeing its suppliers. The effective date is proposed for the third month after publication in the Collection of Laws.

The law establishes a mechanism to exclude technologies considered a security risk. The move responds to the growing number of cyber attacks that can threaten key state infrastructures such as energy grids or healthcare systems. The regulation also includes an obligation to vet technology vendors that work with state agencies to minimize reliance on potentially risky entities. According to information published on the website of the National Cyber and Information Security Bureau (NCIS), the move should strengthen the state's resilience to external threats.

The process of approving the law began in April, when it was supported by the Chamber of Deputies. The Senate has now confirmed its final form, paving the way for the next legislative step. The website of the Senate of the Czech Republic points out that the amendment reflects the requirements of the European NIS2 Directive, which sets uniform standards for cyber protection across the European Union. This framework expands the range of obliged entities and increases the responsibility of companies and state authorities.

After the president's signature, the law will be published in the Collection of Laws, triggering a three-month delay in its effectiveness. If the signature still occurs in June, the new rules can be expected to come into force in autumn 2025 at the earliest. This deadline is intended to give companies and government institutions time to adjust to the new requirements. According to iRozhlas.cz, the amendment includes obligations in the area of risk analysis and raising security standards, which will affect thousands of companies, especially in critical sectors such as energy and telecommunications.

The law also strengthens the role of the government, which will have decision-making power regarding restrictions on risky suppliers. Lupa.cz reports that the move was the result of a compromise between the NUCIB and the government, with the original proposal providing for greater autonomy for the agency. The change is intended to ensure greater coordination at the highest level and reflects concerns about geopolitical influences on supply chains.

The approval of the law provoked contradictory reactions. While cybersecurity experts, such as those at KYBEZ.cz, welcome it as a necessary step in response to growing cyber threats, some entrepreneurs warn of the administrative burden. The Advokátní deník server warns that companies will have to invest in staff training and system updates, which can be costly, especially for smaller entities.

gnews.cz - GH