The scale and nature of cyber threats
In 2024, CSIRT teams operating under the National Cybersecurity strategy recorded a full of over 111 1000 incidents – 23% more than a year earlier. The CSIRT NASK itself recorded 103,000 events, which means an increase of up to 29%. Computer fraud (more than 97,000 cases), detection of harmful software (more than 1800 cases) and vulnerability of services (more than 1,600 cases) dominated. This demonstrates a rapidly increasing scale of threats and the request to further improve safety systems.
Our digital stronghold is constantly under the fire of cyber criminals – and must be reinforced in all layer – to improve ICT systems.
The attacks are not just mass today. In addition to classical phishing campaigns, we are increasingly dealing with precise actions of APT groups – structures operating on behalf of countries hostile to Poland. Their goal is not only to bargain data, but besides to disrupt critical systems and prepare the ground for strategical attacks. These are actions aimed at the foundations of our infrastructure – like saboteurs who want to break the foundation stone of the bastion.
Cyberattacks are becoming more complex and deliberate – our digital fortress must be constantly reinforced, due to the fact that present we are constantly under fire and the enemy hits the foundations of our infrastructure.
Who's the mark today?
The attacks are aimed at public administrations and critical actors in supply chains. This is not just a substance of defence or home affairs. The Ministry of Digital Affairs, whose work I direct, together with the CSIRT teams, the services and the Cybersecurity Government Plenipotentiary, whose function I besides perform, conducts shielding activities against a wide scope of entities. all municipality, all water supply company, all region is simply a brick in the wall of the Polish bastion – if any falls out, the full structure loses its resistance.
The war in Ukraine has importantly changed the scenery of threats – both digital and geopolitical. Poland, as a logistical base of the fighting state, has become 1 of the key goals of hostile digital operations. Impacts are aimed at transport and IT infrastructure. The expanding activity of criminal and hacktivist groups, frequently operating with the support of hostile states, is exacerbating pressure. Therefore, our bastion must have not only solid walls, but besides sentries – ready for any change of direction of attack.
What the state does – regulations, competences, technologies
The answer is simply a strategy approach: regulations, technology, competences. Implementation of the NIS Directive2 is ongoing throughAmendment of the National Cybersecurity strategy (KSC) Act. We invest in training, grow the Cybersecurity Fund, make structures capable of real-time operational consequence – specified as the Combined Cybersecurity Operations Centre.
Every component of the state – from the municipal office to the central logistics strategy – is part of the digital bastion. If 1 fails, the full structure loses its resistance.
We implement technologies that are crucial to national security: CTI (Cyber Threat Intelligence), safe communications systems, antiDDoS protection for strategical institutions, including the Armed Forces of the Republic of Poland, and S46 safety management platform. Not only do we build bastion – we besides strengthen its gates, walls and interior communication.
Sectoral programmes – “Cybersafe government”, “Cybersafe government” and “Cybersafe waterworks” – support the modernisation of local, central and sectoral units. These include the improvement of IT infrastructure and the increase of the competence of method teams in public units. Bastion is not a fortress of 1 city – it is simply a network of fortified points that must interact and support each other.
Wide-ranging actions must be continued, as forecasts clearly indicate that threats will deepen.
Digital safety does not start on the front – starts with regulations, competences and technologies that make an invisible but impenetrable defensive wall.
The number of attacks on supply chains as well as the usage of gaps in shore equipment and industrial systems available from network level will increase. It requires fresh powers, fresh security, fresh thinking. due to the fact that the modern opponent does not storm walls – he seeks leaks in ducts and forgotten entrances through the back door.
AI as a weapon, neglect as a gateway to attacks
Still many critical infrastructure operators and public administration units have not implemented multi-component authentication (MFA). In a time of attacks sponsored by the state, it is unacceptable to neglect – due to the fact that it allows to take control of systems of strategical importance. The deficiency of specified basic safety is like leaving an open door in the guardhouse. But in a bastion, doors can't dodge themselves.
We are observing the expanding risks resulting from the improvement of generic artificial intelligence – which previously were only forecast. make AI is increasingly utilized to make false images, voices and content. Criminals build complex campaigns of fraud, disinformation and intellectual influence. The digital fortress is besides targeted by the minds of its inhabitants.
In response, we build systems based on cooperation and information exchange. We strengthen the Cybersecurity College, make operational crisis management structures, integrate the activities of services and institutions – including CSIRT NASK, GOV, MON, CEZ, CBZC and CSIRT KNF. Regular operational meetings of the Joint Operations Centre Cybersecurity (PCOC) let for a fast consequence in crisis situations. due to the fact that only a good crew can defend a bastion from assault and sabotage at the same time.
Key: cooperation and fast consequence
We're not just looking at today. The future is quantum computers – which can invalidate current encryption methods. Therefore, we make postquant cryptography (PQC) and build our own competences in the area of quantum data transmission. We have something to boast about – in June, in Poznań, we launched the first European quantum computer. Thanks to this task Poland joined the leaders of quantum technology improvement in Europe.
In the digital war, 1 neglect is adequate for the enemy to enter our territory without fighting. The opponent does not storm only the walls of our fortress – he seeks leaks in ducts and forgotten entrances through the rear door.
It is crucial to act in this area now – before it is besides late. You can't wait for the enemy to break down the gate – you gotta strengthen it before it puts the first batter.
Cybersecurity of the future begins present – due to the fact that only a bastion built of competence, technology and prediction will last an attack that is not yet visible.
Cybersecurity of Tomorrow: Quantum Technologies and strategical Investments
We are building the NASK Cybersecurity Center – composed of, among others, the National Data Recovery Centre, the Operations Centre, the AI Laboratory, the Fuzzing laboratory and the Certification and Modeling Centre. The task worth PLN 310 million will be implemented by 2029. This is an investment in infrastructure, competence and independency – crucial besides for the implementation of the NIS Directive2. It is the heart of the bastion – a command center that must be resistant to any form of danger.
We besides carry out 4 strategical projects within the KPO – with a full value of over 864 million PLN – including the improvement of 5 sectoral CSIRT teams, the modernization of 500 public institutions and the construction of a regional network of experts. This strengthens the strategy at both local and national level. due to the fact that all bastion needs not only walls, but besides observers, scouts and repair people.
Digital sovereignty versus cybercolonialism
The strength of the bastion is not demonstrated solely by defence systems, but besides by digital sovereignty. What I warned against in "Cybercolonialism" in 20181 – it comes actual before our eyes. Our data is the fuel of global companies, and we are giving control of algorithms, processes and infrastructure. It's like letting strangers command their own defence – with a grin on their face.
PLLuM – example of sovereign technology
This is why we focus on our own technological solutions – specified as PLLuM, a Polish large language model created by our experts, developed for administration, education and innovation. We made it publically available to support digital transformation in accordance with Polish language, culture and needs. For if AI is to talk to us, let him talk with our voice – from inside our fortress, not from behind its walls.
Today Poland protects not only itself – it becomes the architect of a common digital European fortress.
Poland in the EU – leader in digital security
Today, safety and digital sovereignty are not a choice but a duty. During the Polish Presidency of the EU Council, we made cybersecurity 1 of the key priorities. The consequence of our actions was the adoption of the EU Cyber Blueprint – a common framework for responding to large-scale cyberspace incidents. Poland played the function of the architect of digital safety in Europe. We have shown that we are not only defending our own walls, we are building a common, safe European fortress. Poland is already a digital bastion of the West. And he won't quit under pressure.
1 K. Gawkowski, Cybercolonialism. research the planet of digital friends and enemies, Gliwice 2018.
![Nie spodobało się, iż nazwałam się imamką [Rozmowa z Seyran Ateş]](https://cdn.oko.press/cdn-cgi/image/trim=398;0;424;0,width=1200,quality=75/https://cdn.oko.press/2025/08/AFP__20170728__R207J__v1__HighRes__GermanyFranceReligionIslamMosque.jpg)
