Cyber Security FAQ

Decree No. 316/2014 Coll. (on cyber security), in the context of human resource security, requires those responsible to receive professional training in accordance with their security role. And Decree No. 82/2018 on security measures, cyber security incidents, reactive measures, filing requirements in the field of cyber security and data disposal (Decree on Cyber Security)

Security roles

Yes, if they meet the necessary qualifications. Even so, we recommend that you keep your security specialists under review and keep them in charge of risk management.

Yes, it is possible for one person to be cyber security manager, architect and asset guarantor at the same time. However, a person holding any of these roles cannot also act as auditor. Keep in mind, though, that combining roles in this way is not in line with best practice.

Yes, 100%. TAYLLORCOX is an official accredited training organization for ISMS. They are based on international accreditation and are localized in the Czech legislative environment.

Licensed trainers hold the highest ISMS level, ISO/IEC 27001 Lead Auditor. Their extensive practice in security audits and in implementing measures against cyber attacks is a guarantee of hands-on training.

The Cyber Security Management Committee is an organized group of persons who are responsible for the overall management and development of a critical information infrastructure information system, a critical information infrastructure communication system or a major information system, or who play a significant role in managing and coordinating activities related to the cyber security of these systems.

In practice, the committee can be made up of people from top management and middle management. At the same time, it should have a majority of representatives from the field of ICT and security (this may vary according to the way individual organizations are managed). How the Cyber Security Management Committee is assembled and who sits on it is fully in the hands of the organization's management; the Cyber Security Act and its implementing legislation do not regulate it in more detail. It is recommended to use best practices when setting up the Cyber Security Management Committee.

Neither the law nor its implementing regulations specify this in any detail. However, the aim is for the defined roles to be performed by competent persons. For example, we can assign the role of cyber security manager to a project manager in the field of ICT security who has more than three years of experience in this field, provide ISMS training, and be sure that he will manage this role. The same approach is an option for other roles.

The Cyber Security Ordinance states that administrators of major information systems shall determine the roles of the cyber security committee, manager, architect and auditor and asset guarantors as appropriate.

In general, administrators of major information systems are subject to lower security requirements than administrators of critical information infrastructure. In reality, however, someone in the organization is always responsible, for example, for ensuring security
