16:31 7 March 2026
EU NIS2 directive implemented into Polish law by president
Poland’s president signed an amendment to the National Cybersecurity System Act implementing the EU NIS2 directive, starting a preparation period for companies. The new rules will take effect one month after publication in the Journal of Laws and will require firms to assess whether they fall under the regulations and implement cyber risk management systems. NIS2 expands obligations in areas such as risk management, supply chain security and incident reporting. Non compliance could lead to penalties of up to EUR 10 mln or 2% of global annual turnover. The law covers 18 sectors and introduces categories of key and important entities subject to different oversight.
Experts say companies must move quickly from analysis to action and build long term cybersecurity management frameworks.
