Cyber Security Council (CSC) due meeting was held on Wednesday, 27th November 2013. This meeting was launched by Mr. Dušan Navrátil – Director of the National Security Authority (NSA) and the CSC executive vice-chairman.

At the beginning, the NSA Director informed participants about the state of the National Cyber Security Centre (NCSC) building. He first noted that finishing construction works on the NCSC building in Brno are taking place, secondly, currently sixteen people are working in the NCSC, and thirdly, the next year, if following the plan, the NCSC will hire ten new employees. According to Mr. Navrátil, meaning and justification of the NCSC work have been well confirmed, considering a number of cyber attacks which have taken place during this year and which have been solved by the NCSC; e.g. DDoS attacks, compromising of e-mail server of the central body of state administration, or recent phishing attacks against the Czech Postal Services.

Another point on the CSC agenda was familiarization of participants with current situation of debates on Act on Cyber Security proposal and on chosen implementing legal regulations. This part of the session was covered by Mr. Radomír Valica, Director of the NSA's Legal and Legislative Department. He informed that after inter-resort amendment process the Act proposal was presented to the Legislative Council of the Government (LCG) in June 2013. Thus, within LCG several parts of the Act proposal were debated already during summer 2013. Mr. Valica then described disputed points of the proposal, explained some concrete changes that were made in the proposal, and also indicated next steps to be taken by the NSA. At the end, he noted that, despite changes, essential principles of the Act proposal were kept in their original state and that the proposal will be soon presented to the Czech Government.

Participants of the session were then familiarized with status of negotiations on Security Measures Regulation. Mr. Přemysl Pazderka from the NCSC stated that editing of this Regulation proceeds from internationally recognized ISO norms 27001 and 27002, potentially from the COBIT 5 method. He informed about basic principles of the Regulation; subsequently, he introduced several organizational and technical measures proposals, as well as a planned time schedule for creation of the Act regulation.

At the end of the session, participants got engaged in discussion which, among others, showed that entities concerned by cyber issues have clearly adopted more positive attitude towards cyber security.

This session was attended by representatives of The Office of the Government of the Czech Republic, Ministry of Transport, Ministry of Finance, Ministry of Defence, Ministry of Industry and Trade, Ministry of the Interior, Ministry of Foreign Affairs, Czech National Bank, Czech Telecommunications Office, The Office for Personal Data Protection, Police and Intelligence Services.