National Cyber and Information Security Agency

When reporting a cybersecurity incident, experts from the GovCERT.CZ or National CERT are ready to provide technical and analytical assistance, including methodological guidance. In the case of a cybersecurity incident with broader impact, the CERT acts as a coordinating authority among all relevant stakeholders, ranging from providers of the compromised service, through partner investigative teams, to foreign authorities and their analytical teams.

Timely reporting of a cybersecurity incident does not in itself lead to the initiation of an inspection of your organisation or the imposition of sanctions. Its primary purpose is to ensure the incident is recorded and analysed and, where appropriate, that advice and assistance are provided. Reports are also accepted from entities that are not regulated under the Cybersecurity Act and are therefore not legally obliged to report cybersecurity incidents. Subject to available capacity, such entities may also be provided with methodological and technical/analytical assistance. Information obtained may further be used to analyse broader threats and to help prevent similar incidents in other organisations.

For more detailed information on cybersecurity incident reporting, please refer to the Methodology for Reporting a Cybersecurity Incident.

Reporting Method

VIA FORM

Cybersecurity incident reporting pursuant to Cybersecurity (the new Act on Cybersecurity), is carried out by all regulated entities primarily via electronic forms available on the NÚKIB Portal.

If you were an obligated entity under the former Act No. 181/2014 Coll., on Cybersecurity (the previous Act on Cybersecurity), a transitional period of one year applies from the date of receipt of the decision on the registration of the regulated service. During this transitional period, for services and information systems previously regulated under the previous Act on Cybersecurity, obligated entities are required to fulfil at least the following obligations:

Provider of a regulated service under the higher obligations regime:
complies with obligations related to the implementation of security measures, reporting of cybersecurity incidents, and compliance with measures issued by NÚKIB, in accordance with the previous Act on Cybersecurity.
Provider of a regulated service under the lower obligations regime:
complies with obligations related to the implementation of security measures, reporting of cybersecurity incidents, and compliance with measures issued by NÚKIB, in the scope required by the new Act on Cybersecurity.

From the date of receipt of the decision on the registration of the regulated service, cybersecurity incidents must be reported via the NÚKIB Portal. For a period of one year following the date of receipt of the decision on the registration of the regulated service reports may be submitted either on the forms prescribed under the previous Act on Cybersecurity or on the forms prescribed under the new Act on Cybersecurity.

Procedure when the NÚKIB Portal is Unavailable

If it is not possible to use the NÚKIB Portal, a cybersecurity incident may be reported using an alternative reporting method pursuant to Section 16(4) of Act No. 264/2025 Coll., on Cybersecurity, by completing the relevant form and submitting it as follows:

Providers of Regulated Services under the Regime of Higher Obligations

by email: cert@nukib.gov.cz
via data box: zzfnkp3

Providers of Regulated Services under the Regime of Lower Obligations

by email: abuse@csirt.cz
via data box: h4axdn8

This method is intended solely as a temporary emergency solution. To ensure efficient communication during incident handling, we recommend submitting the report subsequently via the standard electronic form on the NÚKIB Portal.

Form for cybersecurity incident reporting in the event of NÚKIB Portal unavailability:
Substitute Cybersecurity Incident Reporting Form (PDF)

BY TELEPHONE

In the event of a serious and urgent situation where there is a risk of delay, the GovCERT.CZ team may be contacted during working hours on +420 541 110 555, or outside standard working hours on +420 725 502 878. Our specialists will provide instructions and recommendations for managing the initial phase of the incident and will further direct you if necessary.

Telephone contact is intended primarily for rapid communication and immediate assistance and does not constitute an official incident reporting channel. To fulfil statutory obligations, the incident must always be reported in writing using the prescribed forms.

GovCERT.CZ respects the privacy of all contacting persons and organisations and treats all reported cybersecurity incidents as sensitive information.

News

The seventh annual international Prague Cyber Security Conference 2026 took place in Prague

Last week, the seventh edition of the Prague Cyber Security Conference (PCSC), organized by the National Cyber and Information Security Agency (NÚKIB) in cooperation with the Czech Ministry of Foreign Affairs, concluded at the Congress Centre of the Czech National Bank. The event once again welcomed around four hundred experts, government and academic representatives, and technology company delegates from dozens of countries, confirming its position as one of the key European platforms for strategic discussion on cybersecurity.

Discussions throughout the conference reflected the fact that cybersecurity affects all layers of society, from energy and transport to defense and the functioning of democracy. Participants engaged in current debates on the differing regulatory approaches to digital products and services in Europe, the transatlantic space, and the Indo-Pacific. Across these regions, conversations also focused on finding the optimal approach to incorporating cybersecurity expenditures into broader defense and security budgets of individual states.

Trust, as the absolute foundation of secure supply chains, was a recurring theme in discussions about new technologies such as artificial intelligence and quantum technologies, as well as in the context of renewable energy sources and smart solutions in the energy sector. The conference also addressed practical experiences from the ongoing war in Ukraine and the growing number of cyber operations supported by state actors, which have shifted from espionage to strategic pressure to control digital infrastructure, influence global norms, and dominate information flows.

“What makes this conference exceptional is not only the diversity of participants but also their willingness to openly discuss the challenging issues related to technology, security, and the future of cyberspace. No country can face these challenges alone, which is why such meetings are so important. After all, the most resilient systems are built on strong relationships. And if you take away just one idea from Prague, let it be this: strong post-quantum encryption is important, but strong international partnerships can be even more resilient,” said Lukáš Kintr, Director of NÚKIB, in his closing remarks.

The Prague Cyber Security Conference thus reaffirmed its role as a major platform for open international dialogue on cybersecurity and for strengthening cooperation among states, international organizations, academia, and technology leaders.

The main partners of this year’s conference were Amazon Web Services (AWS) and MSD.

Celá zpráva 2026-03-26