National Cyber and Information Security Agency

National Cyber and Information Security Agency Organized Exercise for NATO Allies

From April 7 to 11, 2025, the National Cyber and Information Security Agency of the Czech Republic (NÚKIB) organized an exercise focused on Virtual Cyber Incident Support Capability (VCISC). It aimed at exercising the readiness of the Allies to provide mutual support through the VCISC mechanism in case of serious cyber incidents.

VCISC is a mechanism that enables NATO Allies facing significant malicious cyber activity to request remote assistance from other Allies. This mechanism was approved at the Vilnius Summit in 2023 and has since been available to the Alliance. VCISC is also a key tool in strengthening NATO’s collective defense in cyberspace.

The exercise aimed to enhance the Alliance’s preparedness to provide mutual support in cyberspace. Experts from Slovenia and the Netherlands, in addition to the Czech Republic, contributed to the scenario design, and 20 nations joined in total. The exercise simulated a situation in which several NATO Allies tackled significant incidents in its critical national infrastructure and requested assistance through the VCISC.

The exercise provided an opportunity for Allies to verify their national processes for the VCISC mechanism and the overall capability of NATO to cooperate in the event of multiple large-scale incidents. It demonstrated the will and readiness of the Allies to face significant malicious cyber activity and provide support to each other in a time of need.

The Sixth Edition of the International Prague Cyber Security Conference 2025 took place in the Czech capital

On March 18–19, 2025, the sixth edition of the international Prague Cyber Security Conference (PCSC) took place in Prague. The event was organized by the National Cyber and Information Security Agency (NÚKIB) in cooperation with the Ministry of Foreign Affairs of the Czech Republic. The conference bore the subtitle "Invisible Frontlines". Participants, including experts, government officials, and representatives of the private sector, gathered at the Czech National Bank’s Congress Center from 46 countries worldwide.

This year’s subtitle refers to the idea that "cyberspace is not only an environment for everyday life but also the first battleground where conflicts arise between state and non-state actors. Cyber conflicts often begin invisibly, but their impacts become more than real – ranging from disruptions of critical infrastructure to economic coercion by authoritarian states and attempts to destabilize our democratic society," explained NÚKIB Director Lukáš Kintr. The importance of cooperation and resilience in cyberspace was also emphasized by Minister of Foreign Affairs Jan Lipavský in his closing remarks: "Cyberattacks happen long before tanks roll and missiles strike. That’s why improving resilience is crucial. It’s not just a technical issue – it’s a matter of national security, economic stability, and the survival of democracy."

Experts discussed evolving strategies on the invisible frontlines of cybersecurity warfare – through cooperation between governments, law enforcement, and private entities. Discussions also covered responses to cyberattacks from China, Russia, and Iran, as well as hidden cyber tactics and so-called shadow operations carried out by China in Western countries.

During a meeting between representatives of Ukraine and its allies, key cybersecurity lessons learned from the ongoing conflict in Ukraine were shared. Ukraine has strengthened its cyber resilience in response to constant threats, and participants discussed how non-directly involved states, affected by the cyber consequences of the conflict, are adapting their security strategies.

The conference also focused on the energy sector, as energy infrastructure is increasingly targeted by state-sponsored cybercriminal groups. Panel discussions addressed specific policies and regulations related to energy security, including the new EU Network Code for Cybersecurity in the Electricity Sector, the G7 Framework for Cybersecurity of Operational Technologies in Energy Systems, and the U.S. Department of Energy’s supply chain cybersecurity principles. Cyber threats also extend to the telecommunications sector, endangering global communication networks. On these "invisible frontlines", cybersecurity professionals face the challenge of securing complex infrastructure against increasingly sophisticated and persistent attacks. Participants explored strategies for risk identification and mitigation, supply chain security, and strengthening cyber resilience in telecommunications systems. Other topics included the role of artificial intelligence in cybersecurity and defence, satellite systems and the growing reliance on satellite networks for military, financial, and civil operations, and connected vehicles, which significantly impact everyday life.

Parallel to the main conference program, bilateral meetings between NÚKIB representatives and international partners took place. Strengthening international cooperation was one of the key goals of the event. "Cybersecurity is a global challenge that demands global solutions. The active participation of Indo-Pacific partners at the Prague Cyber Security Conference underscores the essential role of regional cooperation in shaping resilient and forward-thinking cybersecurity policies. It was an honour to have Lt. Gen. Michelle McGuinness open the conference. A testament to the strength of our partnership and the mutual commitment to cybersecurity. This collaboration is not one-sided; it was reaffirmed a year and a half ago when we established the position of Cyber Attaché for the region, recognizing the strategic importance of sustained engagement," concluded Veronika Kolek Netolická, the Czech Republic’s Cyber Attaché for the Indo-Pacific.

For the second time in its history, the conference was open to the private sector, recognizing the growing importance of public-private cooperation in cybersecurity. Key partners of this year’s edition included Amazon Web Services (AWS), MSD, APPSEC, CISCO, Mastercard, ICZ, Whalebone, and CETIN. The Prague Cyber Security Conference 2025 once again provided a vital platform for strategic discussions and deepening cooperation between states and the private sector.

The conference was first held under the name Prague 5G Security Conference in 2019.

Prague Hosts the Sixth Edition of the International Prague Cyber Security Conference Organized by NÚKIB

The National Cyber and Information Security Agency (NÚKIB), in cooperation with the Ministry of Foreign Affairs of the Czech Republic, is hosting the sixth edition of the prestigious Prague Cyber Security Conference (PCSC) on March 18–19, 2025. The event, held at the Congress Center of the Czech National Bank, brings together experts, government officials, and private sector representatives from 46 countries worldwide.

PCSC has established itself as a key platform for dialogue on cybersecurity threats, emerging breakthrough technologies, and responsible approaches to supply chain security. “This conference continues the legacy of the groundbreaking Prague 5G Security Conference, which we organized in 2019. At that time, we succeeded in shifting the paradigm and the perspective of like-minded democratic nations regarding the construction and security of next-generation telecommunications networks. Since then, we have expanded the conference scope to include other strategic areas of cybersecurity,” said Lukáš Kintr, Director of NÚKIB.

This year’s PCSC carries the theme ‘Invisible Frontlines’, emphasizing that “cyberspace is not only a domain of everyday life but also the first battlefield where states and non-state actors confront each other. Cyber conflicts often begin invisibly, but their impact is very real – from disruptions to critical infrastructure and economic coercion by authoritarian regimes to attempts to destabilize our democratic societies. Our goal at this conference is to explore ways to effectively counter these threats in cooperation with other democratic states and strengthen our resilience,” Kintr added.

Conference panels focus on covert hybrid operations and new attack vectors that influence national security and geopolitical stability. Discussions also address the defensive and security strategies of democratic nations against these sophisticated yet subtle threats. Furthermore, the conference highlights specific security topics, such as challenges related to artificial intelligence development, the security of connected (electric) vehicles, satellite service security, and more.

For the second time in its history, PCSC opens its doors to the private sector, reflecting the increasing importance of public-private cooperation in cybersecurity. Key partners of this year’s edition include Amazon Web Services (AWS), MSD, APPSEC, CISCO, Mastercard, ICZ, Whalebone, and CETIN.

“We greatly appreciate the collaboration of all our partners. AWS will once again be one of the key partners for this year’s conference. To meet European data privacy and compliance requirements, the company continues to expand its portfolio of cloud solutions in Europe. This includes the AWS European Sovereign Cloud, a new independent cloud for Europe, designed to help public sector organizations and customers in highly regulated industries meet their evolving sovereignty needs,” said Tomáš Krejčí, First Deputy Director of NÚKIB.

Prague Cyber Security Conference 2025 provides a crucial platform for strategic discussions and collaboration between states and private companies, built on a shared approach, democratic values, and the rule of law.

“In an era where authoritarian regimes use technology to undermine security and destabilize democratic societies, it is essential for nations and companies that share common values to work closely together and seek effective defense strategies,” Kintr concluded. The conference will thus contribute to strengthening the cyber resilience of democratic states in an ever-evolving digital environment.

The National Cyber and Information Security Agency of the Czech Republic Co-Seals Publications on Cybersecurity of Edge Devices with the Australian Signals Directorate and International Partners

The National Cyber and Information Security Agency of the Czech Republic (NÚKIB) has joined an international initiative led by the Australian Signals Directorate (ASD), co-signing two key documents focused on improving the security of network edge devices: Mitigation Strategies for Edge Devices: Executive Guidance, and Mitigation Strategies for Edge Devices: Practitioner Guidance.

The initiative includes collaboration with international partners such as the United States’ Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA), the Canadian Centre for Cyber Security (CCCS), the National Cyber Security Centre of New Zealand (NCSC-NZ), the United Kingdom’s National Cyber Security Centre (NCSC-UK), Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) and Japan Computer Emergency Response Team (JPCERT), the Republic of Korea’s National Cyber Security Centre (NCSC) and National Intelligence Service (NIS), and the Netherlands' General Intelligence and Security Service (AIVD) and Military Intelligence & Security Service (MIVD).

The documents summarize current findings on vulnerabilities in network edge devices, such as enterprise routers, firewalls, and VPN concentrators, and provide recommendations to mitigate these risks. Their goal is to enhance organizational resilience through a combination of strong security measures and international collaboration. Key recommendations in these publications include comprehensive management of network edge devices, procurement of securely designed technologies, regular updates, strong authentication protocols, and the securing of management interfaces.

“NÚKIB recognizes that vulnerabilities in network edge devices present a serious issue. Strengthening their security is not merely a choice but a necessity. The recommended principles align with long-term security standards that NÚKIB advocates for. By implementing robust measures, ensuring their timely deployment, and fostering international cooperation, we can effectively address these risks and enhance resilience across organizations and national borders,” said Lukáš Kintr, Director of NÚKIB.

These publications demonstrate the collective effort of global partners to strengthen cybersecurity and protect critical infrastructure from evolving cyber threats. Read the publications here.