Czech Republic Cybersecurity

In late 2020, the Czech government approved its National Cybersecurity Strategy for 2021 – 2025.  In the previous period from 2015 – 2020, Czech government investments in cybersecurity were estimated at $130mln. The key national body overseeing cybersecurity in the Czech Republic is the National Cyber and Information Security Agency (NUKIB), which was established in 2017 to increase focus on new and emerging threats.

Outdated computer systems have been one of the biggest problems for securing Czech government cyber assets. Limited budgets have additionally been accompanied by a lack of experts. Despite gradually raising awareness of potential cyber attacks, the risks have still been underestimated and companies did not see cybersecurity as a necessary investment. Until a company is attacked, higher cybersecurity spending is not a priority. In 2019, the most frequent types of attacks encountered by companies included spam, phishing, and fraudulent e-mails.

The Covid crises put cybersecurity in the spotlight and brought better awareness of threats and their consequences. Early in the healthcare crisis, a number of Czech hospitals were hacked with ransomware.  With increased use of digital technologies, cyber attacks´ targets also increased. Hackers are using more sophisticated methods, targeting the human factor.

More attention is also given to products and services suppliers as NUKIB has been warning about Russian and Chinese hackers’ influence. In December 2018, NUKIB issued a specific warning on the threats posed to government (and other) systems by Huawei and ZTE. With respect to the recent attack on hospitals, the Czech government began to discuss including smaller hospitals and other critical infrastructure under the provisions of the cybersecurity law (currently only 16 hospitals with 800+ beds are included). The current number of systems in the country falling under the cybersecurity law is expected to triple from current 349 systems by 2025 including smaller hospitals and also critical information and data infrastructure, transportation and energy infrastructure. 

Wider introduction of 5G networks in 2021 will bring additional cyber security challenges and investments as well as further evolution of smart cities and intelligent transport systems among other areas. The Czech Republic participates in the new EU system of security certifications for ICT products, processes and services which is expected to serve as one of the effective measures in ensuring 5G network security. 

Based on IDC data, the Czech market for security solutions increased by 8 percent to $379mln in 2019. Most of the spending went to security services (estimated two thirds of the value), followed by software (around 25 percent) and hardware sales (around 10 percent).  Expected growth is around 10 percent given fast growth in use of digital technologies and better awareness of cybersecurity threats, despite the economic slowdown from Covid. 

For more information contact office.prague@trade.gov.