Cybersecurity regulations are multiplying and, for many organizations, starting to overlap. A bank, an insurer, or a payment service provider may fall under both DORA and the new Cybersecurity Act. A critical infrastructure operator, in turn, deals with the Critical Infrastructure Act and the Cybersecurity Act at the same time. And each regulation has its own authority, its own obligations, and its own deadlines.
In practice, this means confusion about where to register, which measures actually apply, whom to report incidents to and within what time limits, and who can come to you for an audit. It's then easy for an organization to do something twice unnecessarily, or conversely to forget an obligation because it expects it from a different authority.
In the webinar, we'll walk through how to untangle such an overlap – who typically falls under it, what changes with registrations, measures and incident reporting, and which authorities can carry out an inspection at your organization if you fall under several regulations at once.
Tobiáš Trnka
Tobiáš is an information security consultant at Cybrela. He focuses on implementing requirements under new regulations – both the Czech Cybersecurity Act and European regulations.
For those who suspect or know that several regulations apply to them at once and want to bring order to it. Suitable for management as well as security and compliance roles that need to know what to comply with, where to register, and who they answer to.
The webinar is free, but you need to register through Cybrela academyOnce you've registered and enrolled in the webinars, you'll get access to both the live stream and the recording, so if you can't watch the webinar live, you can play it back anytime later from your account in the academy. If you have any questions, write to us at info@cybrela.com.
We will help you create the foundations, principles and documentation for the effective security. We will teach you how to understand and rely on your security in case of incidents, so that it is preventive and does not limit the operations.