With the beginning of 2025, the process of implementing the Network and Information Systems Directive 2 (NIS2) in Poland remains one of the most important legislative challenges in the area of cyber security. Although the deadline for bringing national legislation into compliance with the directive expired on October 17, 2024, legislative work is still ongoing, raising questions about future changes, deadlines for implementation and the consequences of delays. In this article, we discuss the current state of the law, the planned compliance deadlines and the challenges facing businesses and public administration. <\/p>\n\n
NIS2 Directive – Purpose and Significance<\/strong><\/p>\n\n The NIS2 Directive is a development of the first NIS Directive, adopted in 2016, aimed at raising the level of cyber security in the European Union. It aims to: <\/p>\n\n The adaptation of Polish law to the requirements of NIS2 is being implemented through an amendment to the Law on the National Cyber Security System (KSC).<\/p>\n\n The Current State of Legislation in Poland<\/strong><\/p>\n\n The first draft of the amendment to the KSC Law was published in April 2024 and subjected to extensive public consultation. As a result of numerous comments, the Ministry of Digitization prepared another version of the draft, published on October 7, 2024. The second draft took into account about 70% of the comments made, with the aim of improving the clarity of the law and improving oversight of its implementation. <\/p>\n\n Despite intensive legislative work, the amendment to the law was not passed before the end of 2024. The authorities have announced that the law may reach the Parliament in the first quarter of 2025. The legislation is scheduled to finally come into force in the second half of the year, but the lack of specific dates is causing uncertainty among entrepreneurs. <\/p>\n\n Planned Timing and Anticipation<\/strong><\/p>\n\n Although the amendment to the KSC Law has not yet been enacted, it is clear from the drafts so far that the expected compliance dates for regulated entities will be as follows:<\/p>\n\n However, these periods are subject to change depending on the final version of the law.<\/p>\n\n Challenges with Delayed Implementation<\/strong><\/p>\n\n Delays in the implementation of the NIS2 directive in Poland are causing a number of problems and challenges:<\/p>\n\n Recommendations for Entrepreneurs<\/strong><\/p>\n\n Faced with delays in the legislative process, businesses should take preemptive action. Here are key steps to take now: <\/p>\n\n The implementation of the NIS2 Directive in Poland is an inevitable step to strengthen the country’s cyber security system. The year 2025 will be crucial for enacting amendments to the NSC Act and implementing the new regulations. Although delays in the legislative process create uncertainty, businesses should proactively prepare for the changes by investing in cyber security and adapting their procedures to the anticipated requirements. Proactive measures will avoid risks and ensure compliance with future standards. <\/p>\n","protected":false},"excerpt":{"rendered":" With the beginning of 2025, the process of implementing the Network and Information Systems Directive 2 (NIS2) in Poland remains one of the most important legislative challenges in the area of cyber security. Although the deadline for bringing national legislation into compliance with the directive expired on October 17, 2024, legislative work is still ongoing,…<\/p>\n","protected":false},"author":78325372,"featured_media":2296,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_kad_blocks_custom_css":"","_kad_blocks_head_custom_js":"","_kad_blocks_body_custom_js":"","_kad_blocks_footer_custom_js":"","_kad_post_transparent":"","_kad_post_title":"","_kad_post_layout":"","_kad_post_sidebar_id":"","_kad_post_content_style":"","_kad_post_vertical_padding":"","_kad_post_feature":"","_kad_post_feature_position":"","_kad_post_header":false,"_kad_post_footer":false,"_kad_post_classname":"","footnotes":""},"categories":[30],"tags":[],"class_list":["post-3175","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity"],"taxonomy_info":{"category":[{"value":30,"label":"Cybersecurity"}]},"featured_image_src_large":["https:\/\/www.virtuosoc.com\/wp-content\/uploads\/2024\/12\/82727-1024x512.webp",1024,512,true],"author_info":{"display_name":"27web","author_link":"https:\/\/www.virtuosoc.com\/en\/author\/n3a66mi8n-27web\/"},"comment_info":0,"category_info":[{"term_id":30,"name":"Cybersecurity","slug":"cybersecurity","term_group":0,"term_taxonomy_id":30,"taxonomy":"category","description":"","parent":0,"count":2,"filter":"raw","cat_ID":30,"category_count":2,"category_description":"","cat_name":"Cybersecurity","category_nicename":"cybersecurity","category_parent":0}],"tag_info":false,"_links":{"self":[{"href":"https:\/\/www.virtuosoc.com\/en\/wp-json\/wp\/v2\/posts\/3175","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.virtuosoc.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.virtuosoc.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.virtuosoc.com\/en\/wp-json\/wp\/v2\/users\/78325372"}],"replies":[{"embeddable":true,"href":"https:\/\/www.virtuosoc.com\/en\/wp-json\/wp\/v2\/comments?post=3175"}],"version-history":[{"count":1,"href":"https:\/\/www.virtuosoc.com\/en\/wp-json\/wp\/v2\/posts\/3175\/revisions"}],"predecessor-version":[{"id":3176,"href":"https:\/\/www.virtuosoc.com\/en\/wp-json\/wp\/v2\/posts\/3175\/revisions\/3176"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.virtuosoc.com\/en\/wp-json\/wp\/v2\/media\/2296"}],"wp:attachment":[{"href":"https:\/\/www.virtuosoc.com\/en\/wp-json\/wp\/v2\/media?parent=3175"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.virtuosoc.com\/en\/wp-json\/wp\/v2\/categories?post=3175"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.virtuosoc.com\/en\/wp-json\/wp\/v2\/tags?post=3175"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n