NIS2 AND CYBER SECURITY

The NIS2 Directive and the new Cybersecurity Act impose new compliance requirements on businesses and introduce serious legal consequences for failing to meet these obligations.

Prepare for the new regulatory framework with us. Once the legislation takes effect, your ability to respond will be significantly limited.

Determine, with our assistance, whether your organisation qualifies as a regulated entity.

Implement the required legal and technical measures. Prepare your business for the new regulatory framework and potential cybersecurity incidents.

With our support, you can avoid fines of up to CZK 250 million for individual breaches and the disqualification of members of the statutory body.

NIS2 IMPLEMENTATION TIMELINE

Assessment of whether the entity falls within the scope of NIS2

by 1 November 2025

Registration and notification of the regulated service

by 31 December 2025

Submission of additional information

within 30 days of the authority’s decision on registration

Obligation to implement legal and technical measures

from 31 January 2027

Obligation to report cybersecurity incidents

from 30 January 2027

Find out as early as possible whether your organisation falls within the scope of NIS2. Once the legislation takes effect, your ability to respond will be limited.

Contact us. We will carry out an initial assessment and recommend the most appropriate next steps for your organisation.

Marek Pelán

Attorney at Law — Partner for NIS2 matters

marek@pruchovapelan.cz

+420 774 896 888

DS bvm29fv

ID 11941626

EXPRESS SCREENING

Free of charge

We carry out a basic assessment to determine whether your organisation falls within the scope of regulation.

If your regulatory status is unclear, we will recommend proceeding with a detailed assessment.

DETAILED ASSESSMENT

CZK 4,900 excl. VAT

We review documentation related to your organisation and conduct a legislative compliance audit.

We conclusively determine whether your organisation is subject to regulation.

We identify the applicable regulatory regime (lower or higher obligations).

PREPARATION FOR NIS2

Pricing determined after the assessment

Registration of your organisation with the National Cyber and Information Security Agency (NÚKIB).

Preparation of all required legal documentation tailored to your business, including internal policies, statements, overviews, templates, and related materials.

Training for company management and employees on appropriate procedures and the legal aspects of the regulation.

Prices for comprehensive NIS2 preparation are determined by the overall complexity of the case. Key factors include the scope and volume of information and assets subject to cybersecurity requirements, the existing level of technical and organisational security measures, the quality and completeness of existing documentation and staff training, and the size and nature of the organisation.

NIS2 AND CYBER SECURITY

Determine, with our assistance, whether your organisation qualifies as a regulated entity.

Implement the required legal and technical measures. Prepare your business for the new regulatory framework and potential cybersecurity incidents.

With our support, you can avoid fines of up to CZK 250 million for individual breaches and the disqualification of members of the statutory body.

NIS2 IMPLEMENTATION TIMELINE

Find out as early as possible whether your organisation falls within the scope of NIS2. Once the legislation takes effect, your ability to respond will be limited.

Contact us. We will carry out an initial assessment and recommend the most appropriate next steps for your organisation.

Marek Pelán

EXPRESS SCREENING

DETAILED ASSESSMENT

PREPARATION FOR NIS2

HOW CAN WE HELP YOU

Marek Pelán

Jana Průchová