On July 19, 2023, the National Office for Cyber and Information Security (NÚKIB) announced that the Government of Czechia had approved NÚKIB's 2022 report on the state of cyber security of Czechia. The report found that despite a decrease in overall cyber incidents, from 157 in 2021 to 146 in 2022, cybercrime activities increased during the year with over 18,000 criminal offenses recorded by the police during the same period. During 2022, NÚKIB issued a total of 16 alerts and three warnings related to current threats or vulnerabilities.  

NÚKIB found that the most prevalent types of cyber attacks were phishing, spear-phishing, vishing, fraudulent emails, and service availability attacks, mainly through Distributed Denial of Service (DDoS). The report identified state-sponsored cyber actors and cybercriminal groups as posing the most significant threats to Czech cybersecurity. According to the report, there was a rise in cyber incidents in the transport sector with most cyber incidents occurring in the public sector, followed by healthcare and the private sector. NÚKIB also noted that, although organizations have increased their cybersecurity budgets since 2021, financial constraints and a lack of cybersecurity experts remain challenges for Czech institutions. 

In the report, NÚKIB highlighted that it held seven domestic, and three international, cybersecurity exercises during the year, including a cybersecurity exercise targeted at organizations in the healthcare sector. Furthermore, NÚKIB stated that in 2022 it collaborated with other expert groups to prepare a draft of the new law on cybersecurity that transposes the Directive on Security of Network and Information Systems (NIS2 Directive) into Czech law. 

You can read the press release here and the full report here, both only available in Czech.