Current Status: Poland has adopted a national strategy on cybersecurity in 2013. “Cyberspace protection policy of the Republic of Poland”
The National Security Bureau (BBN) published the Polish cybersecurity doctrine in January 2015.
- The Polish cybersecurity doctrine emphasizes the need for "pursuing active cyberdefence, including offensive actions in cyberspace, and maintaining readiness for cyberwar," protection and defence of Polish teleinformation systems and accumulated data, and supporting key private firms in their cybersecurity efforts.
- Increasing the level of security of the State ICT infrastructure.
- Improving the capacity to prevent and combat threats from cyberspace
- Reducing the impact of incidents threatening the ICT security.
- Determining the competence of entities responsible for the security of cyberspace.
- Creating and implementing a coherent system of cyberspace security management for all government administration entities and establishing guidelines in this area for non-state actors.
- Creating a sustainable system of coordination and exchange of information between the entities responsible for the security of cyberspace and the cyberspace users
- Increasing awareness of the cyberspace users on the methods and safety measures in cyberspace.
The objectives of the Policy are implemented through:
- the coordination system to prevent and respond to threats and attacks on cyberspace, including attacks of a terrorist nature;
- the widespread adoption of mechanisms for the prevention and early detection of threats to the cyberspace security and the proper procedure for the identified incidents among the government administration units as well as non-state actors;
- the general and specialized social education in the field of security of CRP.
|Year of adoption||Established in June 2013 by Ministry of Public Administration and Digitisation (MAC) and Internal Security Agency (ABW) Cyberspace protection policy of the Republic of Poland (English)|
|Updates and revisions||
Cybersecurity Doctrine of the Republic of Poland 2015 (summary in English)The National Security Bureau (BBN) published the Polish cybersecurity doctrine in 2015,
|Implementation and monitoring||
The entity coordinating the implementation of the Policy, on behalf of the Council of Ministers, is the minister responsible for informatization.
The Ministry of Administration and Digitization, The Ministry of National Defense and the Internal Security Service are the officially recognized agencies responsible for implementing a national cybersecurity strategy, policy and roadmap.
In facilitating sharing of cybersecurity assets across borders or with other nation states, Poland has officially recognized partnerships with the following through CERT.GOV.PL and CERT Polska:
|Public-private partnerships||There is no information on any officially recognized national or sector-specific programs for sharing cybersecurity assets within the public and private sector in Poland.|
|Date of last WISER analysis||November 2016|
Current status: NIS Directive and national CERTs/CSIRTs
CERT.GOV.PL <www.cert.gov.pl> was established in 2008. It is responsible for coordinating security and incident response measures for Polish state authorities and entities engaged with critical infrastructure.
In the implementation of tasks relating to the security of CRP the Governmental Computer Security Incident Response Team CERT.GOV.PL is acting as the primary CERT in the area of government administration and the civil area.
Followed by the PIONIERCERT (Computer Security Incident Response Team that has been established to provide effective incident response service to members and users of Polish Scientific Broadband Network PIONIER (and POL34/622):
And the TP CERT (Computer Emergency Response Team) ensures the safety of users of the Polish telecommunications network. The activity of TP CERT is to monitor threats to the security systems connected to the TP network and responding to detected threats, especially in incidents reported by users. The main task of the team is to take the necessary actions in cases of cyber-security threats.
There is also SRnIK (Computer Incident Response System of the Ministry of National Defense)
Poland has officially recognized ARAKIS-GOV as a national program for sharing cybersecurity assets within the public sector.
Early Warning System http://arakis.pl/pl/ews/ (only in Polish)
|Report an incident||
Telephone: +48 22 58 59 373
|Date of last WISER analysis||November 2016|