Dodávateľský reťazec a kybernetická bezpečnosť

Abstract

The NIS2 Directive is an updated version of the original 2016 NIS Directive and aims to strengthen the protection and security of the EU’s cyberspace. Unlike the first directive, NIS2 focuses on the cybersecurity and resilience of key entities and entire sectors in the face of modern threats. EU Member States are required to transpose it into their national legal systems. In Slovakia, the requirements of NIS2 were implemented through an amendment to the Act on Cybersecurity. The amendment, prepared by the National Security Authority, entered into force on January 1, 2025. It modifies and supplements the original Act No. 69/2018 Coll. and introduces several fundamental changes. One of the key elements is the enhancement of supply chain security. This protection is ensured primarily through contractual mechanisms based on the Act and on Decree No. 227/2025 of the National Security Authority. Contractual obligations must also reflect the requirements of the GDPR. The article focuses mainly on contractual protection within supply chains and its alignment with GDPR requirements.