Recently, on 1st of August 2021, an amendment to the Act No. 69/20188 Coll. on Cyber Security got valid.
In September 2020, we notified about the possibility to comment the Act amendment via slov-lex.sk website. According to the several disputable points in the law, we would like to again recommend to read it and to consider the legal and material implications of the amendment, especially in relation to the registrars.
The amendment tightens various conditions beyond the scope of the relevant European legislation in general and introduces further regulations, thus also financial and other impacts for subjects affected by the law. One of the most fundamental parts of the amendment is the competence of the National Security Office (hereinafter „NSO“) to prohibit (after analysis and approval by the Government of the Slovak Republic) the use of any product, process, service or specific entity.
Other essential points of the amendment are:
- obligation to establish position of an independent certified security manager,
- compulsory analysis of the political risks, respectively, to take them into account virtually in any contract,
- obligation to process and report a security incident automatically, if the NSO decides so,
- clarification of the certification conditions for the cyber security auditor according to the law.
Despite the fact that the NSO has tightened the conditions, we firmly believe that by analyzing the amendment and by setting up timely measures, you will prevent possible inconveniences.
Please note that sanctions under the Cyber Security Act are equivalent to those of the GDPR!