In 2025, the Parliament of the Czech Republic approved a new Cybersecurity Act, which was signed by the President on June 26, 2025. The new law incorporates the requirements of the European NIS2 Directive into the Czech legal system. The aim is to significantly strengthen the resilience of key institutions and services against cyber threats.
The law also applies to Czech universities, including CTU in Prague — the university will be required to protect its information systems, implement security measures, and respond promptly to potential incidents.
The expected effective date of the law is November 1, 2025.
From that date, organizations will have 60 days to self-identify and report regulated services to the National Cyber and Information Security Agency (NÚKIB).
The official wording of the law in PDF format, along with a user-friendly legislative guide, is available on the NÚKIB portal:
➡️ https://portal.nukib.gov.cz/pruvodce-novym-zakonem-o-kyberneticke-bezpecnosti?utm_source=chatgpt.com
CTU is actively preparing for these changes and will provide timely information for students, employees, and university partners.