Cyber-summer at the Cybrela academy. 6 cybersecurity webinars, online every other Friday. Register for free ➡️

DORA, the CRA, and the new Cybersecurity Act: What to do when several regulations apply to you at once

17.07.2026

10:00–10:45

Online

The webinar is part of the cyber-summer webinar series with Cybrela academy. Free and recorded.

The new Cybersecurity Act, the Critical Infrastructure Act, and the DORA regulation – many organizations fall under two of these regulations at once, and some even under all three. More regulations means more authorities, deadlines, and obligations. Or does it? In this webinar, you'll get clear on how to fit the obligations from the individual regulations together without forgetting a single one.
Wooden blocks labeled DORA, CRA, and Cybrsecurity Act as a symbol of cybersecurity regulations.

About the webinar

Cybersecurity regulations are multiplying and, for many organizations, starting to overlap. A bank, an insurer, or a payment service provider may fall under both DORA and the new Cybersecurity Act. A critical infrastructure operator, in turn, deals with the Critical Infrastructure Act and the Cybersecurity Act at the same time. And each regulation has its own authority, its own obligations, and its own deadlines.

In practice, this means confusion about where to register, which measures actually apply, whom to report incidents to and within what time limits, and who can come to you for an audit. It's then easy for an organization to do something twice unnecessarily, or conversely to forget an obligation because it expects it from a different authority.

In the webinar, we'll walk through how to untangle such an overlap – who typically falls under it, what changes with registrations, measures and incident reporting, and which authorities can carry out an inspection at your organization if you fall under several regulations at once.

 

Agenda

  • Who typically ends up in the overlap: which companies and organizations fall under several regulations at once and how to tell. 
  • Registration with public authorities: where you need to register – the NÚKIB portal, the critical infrastructure portal, SDAT. 
  • Security measures and incident reporting: which measures you must apply when requirements overlap, and whom to report incidents to and within what time limits.  
  • Who can inspect you: which public authorities can carry out an audit at your organization if you fall under several regulations, and what that means in practice.  
  • Other specifics of the overlap: what to watch out for when regulations coincide and how to organize your obligations so you don't do them twice. 

Who’s leading the webinar?

Tobiáš Trnka

Tobiáš is an information security consultant at Cybrela. He focuses on implementing requirements under new regulations – both the Czech Cybersecurity Act and European regulations.

 

Who is the webinar for?

For those who suspect or know that several regulations apply to them at once and want to bring order to it. Suitable for management as well as security and compliance roles that need to know what to comply with, where to register, and who they answer to.

 

How to register?

The webinar is free, but you need to register through Cybrela academyOnce you've registered and enrolled in the webinars, you'll get access to both the live stream and the recording, so if you can't watch the webinar live, you can play it back anytime later from your account in the academy. If you have any questions, write to us at info@cybrela.com.

Sign up today

We will help you create the foundations, principles and documentation for the effective security. We will teach you how to understand and rely on your security in case of incidents, so that it is preventive and does not limit the operations.