Cyber Security Act
Familiarise yourself with the changes in Cyber Security Act and their reflection in the current documentation and processes within the organization. In our courses, we focus exclusively on new responsibilities and changes. The basis of the Cyber Security Act are the ISMS (Information Security Management System) standards, resp. ISO / IEC 27000, Act 181/2014 Sb. and Decree 82/2018 Coll.
Cyber Security Act
The essence of the Act on Cyber Security is §181 / 2014 and Decree No. 316
Act No. 181 of 23 July 2014 on Cyber Security and on Amendments to Related Acts (Cyber Security Act).
Decree No. 316 of 19 December 2014 on security measures, cyber security incidents, reactive measures and on the determination of filing requirements in the field of cyber security (Decree on Cyber Security).
Amendment to Act No. 181/2014 Coll.
Significant changes in the Cyber Security Act:
The amendment to Act No. 181/2014 Coll., On cyber security, significantly expands its scope. At present, it imposes most of the duties on the administrators of Significant and Critical Information Systems. They are newly included in the scope of the Cyber Security Act.
Basic services
Service dependent on communication networks or information systems and its disruption could have a significant impact on securing key social or economic activities in the Energy, Transport, Banking, Financial Markets Infrastructure, Healthcare, Drinking Water Supply and Distribution, Digital Infrastructure, Chemical and Public sectors. management.
Digital information society services
- Internet search engines;
- Cloud computing that provides access to an extensible and customizable storage of computable resources.
- Providing an electronic marketplace service that allows online services to be arranged with a seller via a website;
Radical changes
Healthcare
A novelty is the inclusion of the area of Healthcare, which in the current version of the Cyber Security Act was included only in medical facilities with a capacity of 2,500 acute beds.
Digital infrastructure
Another new area is the digital infrastructure of Internet search engines, eShop providers and cloud services (excluding micro and small enterprises).
Security obligation
All the above companies have the obligation to ensure the security of information systems used to provide the Digital Service or the Basic Service.
Significant and critical systems
The amendment to the Decree also includes changes or significant additions to the requirements imposed on existing operators of significant and critical information systems.
