NIS 2 – Cybersecurity Act
The New EU NIS 2 Directive: A Key Framework for Cybersecurity Across Europe
The new EU NIS 2 Directive represents a crucial legislative framework aimed at strengthening the cybersecurity of organizations across the European Union. In the Czech legal system, it is transposed into the new Cybersecurity Act, which significantly expands the range of obligated entities and increases the demands on the management of security measures.
In the context of growing threats and regulatory requirements, the new Cybersecurity Act becomes essential not only for critical infrastructure but also for thousands of companies across various sectors.
Who Is Affected by the New Cybersecurity Act?
- Organizations categorized as essential and important entities under NIS 2
- Operators of critical and significant infrastructure
- Entities in public administration, healthcare, transportation, energy, finance, and digital services
- Private companies whose disruption could impact society or the economy
- Organizations aiming to align their cybersecurity with European legislation
What Are the Risks of Non-Compliance?
Companies that fail to meet the requirements of the Cybersecurity Act may face serious consequences, including substantial financial penalties (up to several percent of annual turnover), operational bans, liability of statutory representatives, and reputational damage in the event of a security incident. Non-compliance can have severe impacts not only on the organization itself but also on its partners and customers.
From Initial Training to Certification:
EZÚ offers comprehensive support for compliance with the new Cybersecurity Act:
- Pre-screening – a rapid assessment of the organization’s current status and readiness for legal requirements
- Training – education of employees on NIS 2 and the new Cybersecurity Act
- Pre-audit – an in-depth preliminary assessment of compliance with the Cybersecurity Act
- Certification – stand-alone certification or integration into an existing information security management system (e.g., ISO/IEC 27001)
Sales

Ing. Lenka Mariánková
Product Manager
Technical specialist

Ing. Michal Hager
Head of Cyber Security Department
Why choose EZÚ?
- EZÚ is one of the few certification bodies in the world that participates in the legislative process.
- We have a team of top experts and our own cybernetic laboratory.
- EZÚ collaborates with CESNET.
- We are a state body with a long history and the status of a qualified, trustworthy certification authority.
- We place considerable emphasis on the independence and impartiality of our auditors and the quality of the resulting outputs.
Reasons to get certification
- Mapping of the current state of cybersecurity and identification of suggestions for improvement.
- Ensuring cybersecurity and its continuous improvement.
- Protection from major financial losses and damage to or destruction of assets.
- Process improvement and acceleration (especially for IT services).
- Effective use of finances to ensure cybersecurity.
- Security of individual components of IT infrastructure (down to the level of firmware and microprocessors).
- Security of the supply chain.