When a cybersecurity incident (CSI) is reported, members of the government’s expert team are prepared to provide technical assistance, including suggesting further preventive measures. If it is discovered that an incident has targeted multiple entities, they are prepared to coordinate a common approach to a solution. If you report an incident that does not fall into the authority of the government team (CII, IIS, ES), we will ensure its transfer to the relevant security team.

The timely reporting of an incident does not primarily lead to sending an oversight team to your organization nor to levy fines, but only to record, analyse, and possibly offer our support. We welcome any reports of security incidents on any of your systems including those that do not fall into the CII, IIS a ES categories.

To report a CSI, we recommend using the process described in paragraph 32 of regulation #82/2018 Coll. about security measures, cybersecurity incidents, reactive measures, requirements for filing in the area of cybersecurity, and destruction of data (the Cybersecurity Regulation).

Form

Please download and complete the electronic form (editable PDF) to report a CSI. After all information has been provided, please send the file by:

  • The National Cyber and Information Security Agency (NUKIB) e-mail:  cert.incident@nukib.cz.
    We recommend PGP encryption for more secure and trustworthy communication. Learn details about how to use PGP here. The subject should include the type of incident (i.e. DDoS, phishing, ransomware, etc.) for easier sorting of incidents among individual analysts,
  • NUKIB data box ID:  zzfnkp3

Data interface (XML format for incident reporting)

This format can be used to send all the necessary details of the incident in XML format or it can be implemented into a proprietary application for reporting cybersecurity incidents and events. This is a valid equivalent to the above form. Learn more information about the format, including a specific example of a fictious incident and the option of downloading it here.

By phone

In case of a sudden emergency situation where time is of the essence, you can call the GovCERT.CZ during working hours at +420 541 110 777. Outside standard working hours, use +420 725 502 878.

GovCERT.CZ respects the privacy of all people and institutions who contact us, and we consider all reported incidents to be confidential information.