The Czech authorities made the first steps towards a safer cyberspace on the national level a couple of years ago, but the real wake-up call came only in March 2013 when the Czech Republic became the target of a cyber campaign lasting several days. These cyber attacks caused a serious disruption to public life in the country which, subsequently, led to a series of complex actions by the government aiming to bolster cyber security and would prevent any similar cyber malicious activities in the future. The purpose of this study is to describe the overall situation of cyber security in the country before, during and after the 2013 cyber attacks and, more importantly, to explain the processes and actions which led the transformation of the Czech Republic from a country with fairly underdeveloped cyber security to a state that has the aspirations ‘to play a leading role in the cyber security field within its region and in Europe’. To do that, the study firstly summarises the general situation of cyber security and cyber defence in the Czech Republic preceding the cyber attacks from March 2013. Secondly, it pays attention to the cyber campaign itself discussing the technical nature of the attacks, selection of targets and the immediately taken measures. It then focuses on the long-term development in the three crucial dimensions of cyber security and cyber defence: policy, legislation and organisation. Finally, the study briefly discusses the perspectives and challenges for the future.