I am a freelance cyber security consultant and cyber security auditor with over 10 years experience. My work primarily focuses on Czech Cyber Security Act and implementing its requirements into practice.
I hold a degree in IT Management and Information Management from Brno University of Technology, and I am currently enrolled in an Enterprise Infrastructure Management MBA program at the same university.
During my work I have designed agendas and processes involving cyber security regulation and audits as part of my work at the National Security Authority (CZ NSA Office), later on at the National Cyber and Information Security Agency (CZ NCISA).
My accomplishments also include leading and creating a project on developing Decree No. 82/2018 Coll., on cyber security; structuring an agenda for personal data protection (GDPR) at an international company and acting as Cyber & Information Security Manager in the energy sector.

I am a co-author of two books:
I am also an author of numerous professional articles, most recently focused on cyber security regulation issues and the EU's NIS and NIS2 directives.
I am a founder of an expert community CyberSecurityPlatform.cz which was created in order to connect with other IT/Cyber security experts in collaboration with university students of a similar field. This platform allows its members to share their experience and content of their own, to be part of creating supporting materials etc.
Services
Cyber Security Act
#CyberSecurityAct #ZKB #NIS2 #CyberSecurity #VKB
The Cyber Security Act requires that regulated entities implement a number of organizational and technical security measures. In the near future, it is predicted that 15x more companies will be regulated by the legislation compared to now. This is all due to the EU's NIS2 directive that has extended the scope. More on this topic in my conversation with my colleague, M. Švéda, CZ NCISA's representative. (shown below)
Information Security Management System
#ISMS #ISO27001 #ISO27k-family
My ambition is to help you implement the Information Security Management System (ISMS) according to ISO/IEC 27k standards. Among other things, implementing the ISMS will ensure compliance with the CZ Cyber Security Act. The ISMS certification is a key competitive advantage, in certain cases, a necessity that customers these days demand from their business partners.
Training and tabletop exercises
#awareness #training #courses #TTX
I provide training and courses in areas related to all the services I offer, e.g., security awareness training for employees, tabletop exercises (TTX) for top management and task force, the CZ cyber security legislation training, ISMS audits, etc. I mostly tailor each training to specific clients' needs.
CISO
#MKB #CISO #ISMS-Manager
Chief Information Security Officer (CISO) is a crucial role responsible in the cyber security field. It is a mandatory role in the environment regulated by the CZ Cyber Security Act. If your company is newly regulated by the CZ Cyber Security Act, I can offer professional services and guidelines with a slow transition to the cyber agenda and passing it onto the future internal employee.
Audit
#audit #Auditor #ISMS-audit
I am qualified as a Cyber Security Auditor. The Cyber Security Auditor is a mandatory role in the environment regulated by the CZ Cyber Security Act. Cyber security audit has to be carried out every 2-3 years (depends on the type of regulated entity).
Personal Data Security
#GDPR #personal-information #PII
The General Data Protection Regulation (GDPR) imposes not only a number of procedural legal obligations on administrators and processors of personal data, but also an obligation to secure personal data processing itself.
Cooperation benefits
Efficiency
Added value for the customer is one of my priorities. I apply practice and experience from long-term cooperation with NÚKIB and customers. Since not everyone can do everything, I collaborate with other professionals in the field.
Long-term partnership
Business relationships built on trust and long-term cooperation are, in addition to efficiency and an individual approach, one of the values that matter to me.
Individual approach
My business is not based on selling "empty" services and a series of universal template policies and recommendations. I aim for an individual approach that brings the desired efficiency to my customers.
Contacts
Ing. Martin Konečný, CISM
GSM: +420 736 709 865
E-mail: konecny@ict-security.pro
Freelancer listed in the "Živnostenský rejstřík" since 20th August 2012
Billing info
Address: Měnín 422, 664 57 Měnín
ID: 00985911 | VAT ID: CZ8901064150
Bank Nr.: 107-3194300207/0100 (Komerční banka, a.s.)
IBAN: CZ47 0100 0001 0731 9430 0207
SWIFT: KOMBCZPPXXX