Polish government drafts cyber-security strategy, eyes new cyber-security institution

Poland's coat of arms
Poland's coat of arms

The Polish Ministry of Digital Affairs has released a draft framework document for Poland's new cyber-security strategy and is considering establishing a new institution to oversee the country's cyber-security efforts.

“In the document, we present not only a legal-institutional analysis of the current state of play, but also the main foundations of an effective system of protecting Polish cyber-space, and the proposed solutions which will allow preparation of a national cyber-security strategy,” the ministry said in a statement.

The framework document states that it is “vital to establish a system of financing the tasks related to protecting cyber-space. And most importantly, effective cyber-space protection must comprise adoption of a legal framework for a national cyber-space protection system, indicating (establishment of) a state institution which will coordinate the activities of other entities”.

This means that the Polish government could create a new institution tasked with coordinating the country's cyber-security activities. The draft framework document was submitted for a public consultation which ended on 8 March.

“We have completed the consultation phase, and we are currently analysing the material obtained. There were many responses to our call for opinions and comments from various organisations and entities,” Karol Manys, spokesperson for the Ministry of Digital Affairs, told SCMagazineUK.com

What is also noteworthy is that the ministry has released a roadmap document which indicates the time schedule for the strategy. Under the plan, the final draft of the document is to be prepared by 4 May, following which it will be submitted for public consultation, according to data from the ministry. The consultation will be completed by the end of June, and the document will be published in the country's official journal by the end of September.

Dariusz Włodarczyk, an IT security expert at Hestia Loss Control, told SCMagazineUK.com that these efforts are accompanied by an increased awareness of the importance of cyber-security in the Polish private sector.

“Polish companies have been actively developing their IT security measures,” Włodarczyk said. “The amount of funds which are allocated to this field of security are, above all, related to the financial capacities of these companies and the results of their risk analyses. Currently, Polish companies spend about 10 percent of their annual IT budgets on measures to prevent cyber-attacks. At a global level, this ratio exceeds 20 percent. The structure of these expenses does not resemble a logarithmic function yet, but we have been observing a steady increase in this field.”

On a related note, the ministry's latest cyber-security efforts are part of its broader strategy to stimulate increased innovation in the Polish economy. In its Strategic Action Priorities document from March 2016, the ministry said that delays “in the area of digitisation indicate a low level of innovation” in Poland. In the latest edition of the annual "Global Innovation Index – Effective Innovation for Policies Development", published by Cornell University, Poland was ranked 46th out of the 141 world economies, with 26 EU member states preceding it, as pointed out by the ministry.