NIS 2 in Czech practice: the new cybersecurity framework effective from 1 November 2025

Effective from 1 November 2025, a major change will come into force in the Czech legal framework for cybersecurity. The new Act No. 264/2025 Coll., which transposes the EU NIS 2 Directive (the “Cybersecurity Act”), significantly expands the scope of regulated entities - and will affect many companies for which cybersecurity risks have not previously been considered substantial. Do you operate a solar power plant? Manage an energy network? Operate publicly accessible charging stations? Your company may fall under the scope of the Cybersecurity Act - and some obligations will apply from the very first day the law takes effect.