The document identifies the measures and mechanisms that are to strengthen Poland's cyber-security capabilities by 2022, and states that it is indispensable to create a dedicated fund which would serve to finance the development of cyber-defence capacities within the state budget. Currently, a number of projects related to cyber-security are financed from the budgets of separate ministries and state institutions.
“The Cyber-Security Strategy is currently at the stage of being evaluated by the Digital Affairs Committee of the Council of Ministers. After obtaining its opinion, it will be submitted to the Prime Minister's Office for further legislative works by the government,” Karol Manys, a spokesperson for the Polish Ministry of Digital Affairs, told SC Media UK.
The document defines four goals that are to be achieved: ensuring a coordinated capacity to combat cyber-threats at state level, increasing Poland's capability to counter such threats, enhancing the digital competences of local entities, and strengthening Poland's international position in the field of cyber-security. This is to be achieved through a number of measures, including the implementation of new legislation, facilitating investments in technology, and overhauling the institutional framework, according to the strategy.
“Developing the national cyber-security system necessitates modifying the law. As a result, a review of the existing legislation will be carried out to ensure its harmonisation, allow to increase its efficiency, and improve the flow of information among all the stakeholders,” the document says.
The document also indicates that Poland's government aims to increase the cyber-defence capacities of the country's armed forces.
“It will be also indispensable to undertake legislative work to regulate the field of producing, handling, acquiring and using specialised tools that allow to perform military activities in cyber-space by the Ministry of Defence,” according to the draft strategy.
The inter-governmental group which drafted the document included representatives of the Digital Affairs Ministry, the Ministry of Defence, the Interior Affairs and Administration Ministry, the Research and Academic Computer Network, as well as a number of state agencies, including the Internal Security Agency and the National Security Bureau. Currently, the Digital Affairs Ministry coordinates all questions related to the state cyber-defence policy. However, under the plan, the coordination of the military dimension of the country's cyber-defence is to be delegated to the Defence Ministry which recently unveiled plans to boost its spending in this area.
“Cyber-defence capacities are of key importance in a region which has witnessed an increased use of hybrid military activities over the past years,” prof. Marek Jablonowski, a political scientist from the University of Warsaw, told SC.
In the coming years, the Defence Ministry plans to establish a number of new entities to develop its cyber-defence capacities. These are to include a new laboratory of IT systems research and development, implementing a security information and event management (SIEM) system, as reported by local broadcaster TVN24Bis.