The government will allocate PLN 4 billion for cybersecurity in 2025, Deputy Prime Minister and Minister of Digital Affairs Krzysztof Gawkowski informed during the conference. He added that the greatest threat to the country's cybersecurity comes from Belarus and Russia, and the Ministry of Digital Affairs hopes that the act on cybersecurity certification will reach the government in April.
“Today, Poland spends the most on cybersecurity in its history (…). If we combined two important paths, i.e. civil and military (…), Poland's expenditure in the area of cybersecurity would reach PLN 4 billion,” said Deputy Prime Minister Gawkowski.
“I would like these expenses to be much higher next year, because there are many needs, especially in the context of local government, which is our greatest responsibility today. That is why I am very pleased that the prepared resilience and security fund implemented with the support of the Ministry of Funds will include a large component of support for cybersecurity,” he added.
The Deputy Prime Minister said that the greatest danger regarding targeted attacks on Poland in cyberspace concerns Belarus and Russia.
“In recent days, we have seen increased activity by Russian hackers and groups prepared to do so, especially against critical infrastructure related to water and sewage,” he said.
He also pointed out that the effectiveness of Polish services in the event of cyberattacks is over 99 percent.
“I believe that the act on cybersecurity certification will be adopted by the government in April. I hope that the act on the national cybersecurity system will be before the government in the coming months, so that we close 2025 with a full plan on how to build a system that will not only work efficiently from the technical side, but also have strong legislative foundations,” he said.
As reported by the Ministry of Digital Affairs in a press release, in 2024 the number of reports regarding security breaches of ICT systems increased by 60%, and the number of actually identified incidents increased by 23% compared to 2023.
“In 2024, we recorded over 627,000 incident reports – 60 percent more than the year before. These are signals from citizens whose online security the state is obliged to protect. (…) We provide tools that strengthen the cybersecurity system and direct real support to where it is most needed,” said Deputy Prime Minister Krzysztof Gawkowski, quoted in a press release.
It was indicated that in 2024, national level CSIRTs registered a total of 111,660 IT security incidents. CSIRT NASK recorded 103,449 cases (an increase of 29% compared to the previous year), CSIRT GOV – 3,991 (a decrease of 15%), and CSIRT MON – 4,220 (a decrease of 28%). This means an overall increase in the number of incidents by 23% on a national scale.
There were even more reports of potential violations – a total of 627,339 (an increase of 60%). CSIRT NASK registered a 64% increase in the number of reports and the number of incidents in its register increased from 80,267 to 103,449. The average daily number of incidents handled by NASK increased from 220 to 283.
There were also 57 per cent more so-called serious incidents – those that may affect the continuity of an institution’s operations – and 58 per cent more incidents in the public sector.
“The Ministry of Digitization will launch a new platform CYBER.GOV.PL. Thanks to it, all services and tools in the field of cybersecurity will be available in one place. It will be a central point of contact for all participants of the national cybersecurity system. The aim is to simplify the reporting of incidents and the exchange of information, as well as to provide real support in raising the level of security,” it was written.
It was pointed out that local governments and local institutions require special support in increasing the level of cybersecurity, which results from limited budgets and the availability of IT specialists.
One of the key activities in this area is the migration of local public services to cloud solutions, such as the Government Computing Cloud (RChO) and the National Data Processing Center (KCPD). The cloud is intended to increase data security, reduce costs and improve the availability of services.
In addition, it is planned to create local response teams (CSIRTs) and operational centres (SOCs), which will support local government units in responding to threats.
In 2024, the Ministry of Digital Affairs prepared a draft amendment to the act on the national cybersecurity system. The changes are to adapt Polish law to the requirements of the EU NIS 2 directive and strengthen the state's resistance to digital threats. (PAP Biznes)
mcb/ alk/ ana/
