Cybersecurity has become one of the most discussed and urgent topics in Poland in recent months and even years. While the war on Poland’s eastern border undoubtedly raises the stakes, it is not the only factor increasing the importance of cyber defense. For several months now, Poland has been struggling with the implementation of the NIS2 Directive, whose deadline passed nearly a year ago. While formal regulations remain absent, the country continues to face an increasing number of serious cyber incidents.
Poland Under (Cyber) Pressure
Poland is experiencing growing pressure on the cybersecurity front. One of the most significant events was the cyberattack on the Ministry of Interior and Administration’s hospital in Krakow in March 2025. This incident, a case study in itself, demonstrated how vulnerable critical infrastructure remains. Perpetrators hit the hospital’s main computer system processing medical documentation. The attack caused significant disruptions to hospital operations, putting patient care at risk. The hospital’s backup and recovery procedures worked well, and the negative impact of the incident was reduced. According to the Polish Computer Security Incident Response Team (CSIRT), the number of cyber incidents in Poland has been steadily growing, reaching approximately 111,000 in 2024. These incidents range from ransomware and phishing campaigns to more sophisticated intrusions aimed at public institutions and private enterprises alike. This rise underscores the urgent need for comprehensive cybersecurity measures.
Status of NIS2 Implementation
The deadline for the implementation of NIS2 passed in October 2024, but Poland is still working on the draft of a bill to implement the EU directive. Although the Polish bill seems to be ready in its fundamentals, recent versions are still being fine-tuned. Interestingly, it is estimated that as many as a couple of thousand entities in Poland may fall under its scope. This includes a broad spectrum of operators deemed essential or important for the functioning of the economy and society. Debates continue over whether the proposed law’s scope is too broad or too narrow, reflecting the delicate balance between ensuring security and maintaining operational flexibility. Key provisions of the draft bill impose specific cybersecurity obligations on particular entities, including mandatory risk assessments, incident reporting, and cooperation with authorities. Despite the urgency, formal adoption and enforcement of these regulations remain pending, leaving many organizations in a state of uncertainty amid escalating cyber threats.
The Cybersecurity Services Market in Poland
The ongoing cyber pressure is simultaneously driving a surge in demand for cybersecurity services and specialists. The market for cyber experts – ranging from security operations centers and network operations centers to penetration testers – is flourishing in Poland. Attractive salaries and lucrative job offers reflect the critical shortage of skilled professionals.
Notably, initiatives like CyberMadeInPoland aim to bridge cooperation between the private sector, academia, and government institutions, fostering an integrated cybersecurity ecosystem. This collaboration is crucial for developing effective defense strategies and nurturing talent. The rapid digitization of public administration also plays a vital role. Government agencies, as well as public finance sector entities such as hospitals and water utilities, are especially vulnerable to cyberattacks. National programs like Safe Water Utilities offer funding to strengthen cybersecurity capabilities in these critical areas, illustrating a growing recognition of cyber risks at the governmental level.
Prospects for Cybersecurity Development in Poland
The cyberthreat landscape continues to evolve rapidly. Ransomware and phishing attacks remain widespread, but new attack vectors, including artificial intelligence-based threats, are emerging. This adds complexity to defense strategies and necessitates continuous innovation. The delayed implementation of NIS2 highlights challenges in policy-making and regulatory enforcement. However, the growing cybersecurity services market and increased cooperation between sectors signal a positive trend toward strengthening national defenses.
Once NIS2 implementing legislation is finally adopted in Poland, it is expected to unleash significant interest from companies, specialized cybersecurity providers, and, naturally, legal firms. Most probably, demand for training and professional development will surge.
It can also be expected that expert governmental bodies (such as Polish CSIRTs, or NASK – Scientific and Academic Computer Network, an agency responsible for Internet safety in the country) will play a significant role in coordinating national cybersecurity efforts, as well as in educating companies across various sectors.
Last but not least, the implementation of NIS2 lays the groundwork for compliance with the upcoming Cyber Resilience Act, which is set to partially come into force by 2026. This new regulation will introduce additional cybersecurity requirements, especially for manufacturers and suppliers of digital products.
By Lukasz Wieczorek, Partner and Head of TMT/IT, KWKR Konieczny Wierzbicki and Partners
This article was originally published in Issue 12.9 of the CEE Legal Matters Magazine.
