Contractual Provisions with Suppliers Under the New Cybersecurity Act – Practical, In-Depth, and in Context

Date: 28.05.2026

Location: Florentinum

The new cybersecurity law fundamentally changes the way organizations need to think about their suppliers—and, above all, about their contracts with them. While it is relatively easy to get a basic grasp of the new legislation, the real challenge arises when it comes to incorporating the legal requirements into specific contract documents and structuring them in a way that will hold up in practice.

This three-hour seminar delves much deeper into the subject matter. We will focus primarily on how to approach supplier relationships and contractual documentation under the new Cybersecurity Act, how to distinguish between different types of suppliers, and how to properly define contractual rights and obligations based on the supplier’s significance and the organization’s regulatory framework. We will also briefly touch on overlaps with other regulatory frameworks where they may affect contractual arrangements or the internal coordination of requirements.

The focus will be on specific contractual provisions and how to “translate” them from regulatory requirements into a practical and negotiable form. We will review typical contract structures and amendments, provide practical examples of wording, and highlight the most common mistakes we encounter in practice. We will also focus on areas that tend to be the most challenging during negotiations with suppliers—particularly the subcontractor chain, audit and inspection rights, change management, demonstrating compliance with security requirements, incidents, SLAs, business continuity, and exit scenarios.

Who is this seminar intended for?

This seminar is primarily intended for those who are responsible for establishing, managing, or overseeing supplier relationships in a regulated environment and need to go beyond a basic overview:

  • management and senior executives of regulated service providers (IT, security, risk, compliance) who make decisions regarding the design of the supplier model and are responsible for its effectiveness,
  • lawyers, attorneys, and contract managers who draft, negotiate, or review contracts with suppliers,
  • procurement and vendor management teams, which effectively manage the supply chain and put requirements into practice,
  • ICT and cybersecurity specialists who define technical and security requirements and work together to incorporate them into contracts,
  • internal auditors and compliance officers who assess whether the framework complies with regulatory requirements.

This seminar is suitable both for organizations that are just becoming familiar with the new regulations and for those that already have a basic understanding but need to clarify specific contractual arrangements and a systematic approach to managing supplier relationships.

What you’ll take away from the seminar

  • a clear idea of how to translate the requirements of the new cybersecurity law into specific contractual provisions,
  • the clear difference between the lower and higher regimes in practice—specifically, what this means for contract drafting, the scope of audit rights, reporting, and liability,
  • a specific outline of what must be included in contracts under the new law and how to structure these requirements,
  • an overview of what is a “must-have” and what constitutes an additional contractual provision,
  • a practical guide on how to systematically adjust supplier relationships and tailor the strictness of contracts to the importance of a specific supplier,
  • guidelines on working with subcontractors, audit rights, change management, and demonstrating compliance,
  • a specific approach to incidents in contracts—how to structure reporting, cooperation, and liability so that it makes sense in the event of an actual security incident,
  • recommendations on how to approach SLAs, business continuity, and exit strategies in the context of cybersecurity,
  • a practical guide to amending existing contracts and addenda,
  • examples of specific contractual language,
  • an overview of common mistakes in practice – what typically causes problems during contract reviews, audits, or incidents,
  • a basic understanding of where other regulatory requirements may also come into play in the contractual framework.

Organizational information:

DATE AND VENUE: The seminar will take place on Thursday, May 28, 2026, from 9:00 a.m. to 12:00 p.m., at the Weinhold Legal office, Na Florenci 2116/15, Prague 1. Please confirm your attendance by May 25, 2026.

FEE: CZK 4,500 + VAT per person. The fee is a contribution to cover the seminar costs. Study materials and refreshments are included.

CONTACT: For any questions, please contact Barbora Talácková at barbora.talackova@weinholdlegal.com.

PLEASE NOTE: Capacity is limited.

We believe that you will take away many recommendations and ideas for your practice from the seminar. We look forward to meeting you.

This seminar is not intended for consultants or employees of consulting firms. Weinhold Legal reserves the right to determine the final list of participants.

Featured Guests

Meet the speakers

Industry leaders sharing real-world expertise and experience.

Nikola Faltová

Senior Associate

Regulatory, ESG, Cybersecurity, Data Privacy

Laura Mesarošová

Junior Associate
