Poland's critical infrastructure braces for digital warfare amid hybrid threats
Translated from Polish, summarized and contextualized by DistantNews.
At a glance
News
Named sources
Context piece
- Polish critical infrastructure companies face significant threats from modern hybrid conflicts, particularly in the energy and heating sectors.
- High financial penalties are seen as less effective motivators for cybersecurity than fostering awareness and continuous improvement.
- Companies like Veolia Polska are preparing for cyberattacks by focusing on practical cybersecurity measures and adapting to new regulations like NIS 2.
Companies managing critical infrastructure in Poland, such as the Veolia Polska Group, are confronting the stark reality of cybersecurity in the context of modern hybrid warfare. A successful cyberattack on their operational systems could immediately cut off essential services like heat and power to thousands of homes, underscoring the direct and severe societal consequences.
The ongoing conflict east of Poland has highlighted that energy, water, and heating sectors are on the front lines of these evolving hybrid conflicts. Strategic companies are no longer questioning if they will be targeted, but when. This proactive stance involves robust preparation and a clear understanding of the threats.
Jestem optymistฤ , poniewaลผ te regulacje to nie sฤ przepisy wymyลlone na nowo. Od 2018 r. funkcjonuje juลผ w Polsce pewna kultura cyberbezpieczeลstwa. Przepisy pojawiajฤ siฤ po to, aby dostosowaฤ kraj, przedsiฤbiorcรณw czy administracjฤ publicznฤ do nowych zagroลผeล. Majฤ c dobrze ugruntowany fundament z lat wczeลniejszych, tylko rozszerzamy pewne zakresy.
Piotr Potejko, Veolia Polska's Chief Security Officer, expressed optimism regarding Poland's and its companies' cybersecurity efforts, despite the concerning rise in threats and organized criminal groups. He noted that regulations, including the amended National Cybersecurity System (KSC) law implementing the EU's NIS 2 directive, have been effective motivators. Potejko emphasized that these regulations build upon an existing cybersecurity culture in Poland since 2018, expanding existing frameworks to address new dangers.
However, Potejko cautioned against over-reliance on high financial penalties, drawing parallels with GDPR where massive fines were stipulated but rarely enforced. He argued that such "scare tactics" are not always effective. Instead, he advocates for building awareness, fostering dialogue, and pursuing continuous improvement in cybersecurity practices. The market faces challenges like staff turnover in the IT sector and budget constraints, but the focus remains on proactive defense and adaptation.
Ale spรณjrzmy na RODO, gdzie rรณwnieลผ zapisano ogromne kary. Trudno wskazaฤ sfinalizowane sprawy w sฤ dach, w ktรณrych rzeczywiลcie je naลoลผono, co pokazuje, ลผe te straszaki niekoniecznie sฤ efektywne. Zamiast tego wolฤ budowaฤ ลwiadomoลฤ, rozmawiaฤ, naprawiaฤ i stale dฤ ลผyฤ do perfekcji w zakresie cyberbezpieczeลstwa.
DistantNews Editorial
Originally published by Rzeczpospolita in Polish. Translated, summarized, and contextualized by our editorial team with added local perspective. Read our editorial standards.
More Stories
From Our Blog
What Gets Lost (and Found) When News Is Translated
The Critical Role of Diaspora Media in Global News
What Travellers Should Know About Countries with Restricted Press
A Digital Nomad's Guide to Following Local News
How the Same Story Looks Different in Different Countries
