At a meeting in the “Strategic Dialogue Forum” series, held on April 9 this year, we discussed with our guests the current challenges and trends in cybersecurity in Poland. Data from CERT Polska was presented: most incidents concern computer fraud, mainly phishing. Malware, including ransomware, accounts for about 18% of cases. Financial institutions, especially banks, are most often attacked. The number of incidents related to disinformation and attacks on information portals is growing. In 2023, 51 serious incidents potentially threatening state security were recorded, 10 more than a year earlier. Attention was drawn to the large scale of threats in the public sector resulting from staff shortages, underfunding and neglect in the field of cybersecurity.
The section on regulations indicates that since 2013 Poland has been developing a cybersecurity policy framework, but initially it was fragmented. The implementation of the National Cybersecurity System (NCS) Act and the NIS Directive was key. The newer NIS2 Directive from 2022 significantly expands the scope of obligations and sectors covered by regulations, including transport, energy, space and laboratories. It also introduces requirements for reporting, cyber hygiene, board responsibility and supply chains. The Cybersecurity Act of 2019 established a framework for hardware and software certification in the EU. Poland is preparing an amendment to the NCS Act, but the work is delayed.
Key problems were identified: lack of a central institution coordinating activities, financial and staff shortages, and delays in implementing regulations.
In the context of international cooperation, Poland’s support for Ukraine was discussed, including in transferring data to the cloud, as well as the Estonian “Data Embassy” model as an example of securing data outside the country’s borders. The importance of cloud computing was emphasized, including the so-called availability zones ensuring business continuity.
The example of Germany shows the value of open standards and open source technologies, especially in the space sector. In the context of the war in Ukraine, the importance of business continuity planning and the challenges related to the physical transport of data were discussed. Finally, the applications of artificial intelligence in cybersecurity were presented, for example the automation of document analysis in certification processes.
Key recommendations:
1. It is necessary to establish a central body coordinating cybersecurity activities at the state level.
2. The state should increase spending on cybersecurity in the public sector, including training and employment of specialists.
3. It is worth implementing AI technologies to automate risk analysis and compliance processes, which will increase the effectiveness of security systems.