Cyberattacks are increasingly aimed not only at companies, but also at critical infrastructure, public administration and sectors responsible for the functioning of the state. Experts emphasise that their consequences go far beyond the financial sphere. Cyberattacks can weaken the competitiveness of economies, the resilience of key systems and the image of countries on the international stage.<\/p>\n
\u201cIT systems are crucial for the functioning of the state. They control energy systems, water supply networks and public transport. There is no area today that is not connected to IT to a greater or lesser extent. Therefore, the security of IT systems and tools is critical for defence against external attacks,\u201d says Piotr Ferszka, CEO of SAP Polska, in an interview with Newseria.<\/p>\n
According to ENISA, the European Union Agency for Cybersecurity, and its \u201cThreat Landscape 2025\u201d report, which analysed 4,875 cybersecurity incidents in Europe between July 2024 and June 2025, attacks most often targeted public administration, which accounted for 38.2 percent of incidents. This was followed by transport, infrastructure and digital services, finance and manufacturing. Phishing was used in 60 percent of incidents, including fake emails, online advertisements and telephone scams. ENISA also points to the growing role of cybercriminal activity using social engineering and tools based on artificial intelligence.<\/p>\n
\u201cCyberattacks weaken the efficiency of companies operating in Poland and, as a result, reduce the competitiveness of our economy. This may lead to lower tax revenues, which in turn means less money for defence against kinetic attacks. Therefore, the IT area is crucial and critical for the continuity of the state\u2019s operations,\u201d explains Piotr Ferszka.<\/p>\n
CERT Polska emphasises that cyber incidents today affect not only IT systems themselves, but also customer data, supply chains and the functioning of companies and institutions. ENISA, in turn, indicates that attacks now target not only the largest corporations, but also smaller companies participating in digital supply chains.<\/p>\n
\u201cThis is an element of weakening a country economically, but also damaging its reputation. If public and state institutions are attacked, this reduces citizens\u2019 trust and harms Poland\u2019s image on the international stage. As a result, it has a multidimensional impact on the condition of the Polish economy and Polish defence capabilities,\u201d says the CEO of SAP Polska.<\/p>\n
According to KPMG\u2019s \u201cCybersecurity Barometer 2026\u201d, last year 96 percent of companies in Poland experienced at least one security incident. This represents an increase of 13 percentage points year on year and the highest result in the nine-year history of the study.<\/p>\n
\u201cCompanies, both large ones and small and medium-sized enterprises, are taking cybersecurity threats seriously. They are aware that the data they hold is a natural source of competitive advantage, so they naturally think about how to protect themselves against cyberattacks and ensure business continuity. The last four years, since February 2022, have shown that Poland has been a place of mass cyberattacks,\u201d Piotr Ferszka notes. \u201cWe have seen several examples where these attacks proved successful, but given the sheer volume of hundreds of thousands of attacks, it seems that the level of preparedness and security is at a fairly decent level.\u201d<\/p>\n
According to CERT Polska, on 29 December 2025, coordinated attacks were carried out against Polish energy infrastructure. They targeted more than 30 wind and photovoltaic farms, a private company from the manufacturing sector and a combined heat and power plant supplying heat to nearly half a million recipients. The attacks were destructive in nature and were aimed both at IT systems and devices controlling industrial infrastructure. The incidents occurred during a period of low temperatures and snowstorms. Experts indicate that, in the case of the combined heat and power plant, the attack was preceded by the takeover of privileged accounts and the presence of attackers in the plant\u2019s systems. Despite the scale of the operation, there were no interruptions in energy supplies, and the power system remained stable.<\/p>\n
\u201cIt was quite a serious test, and we passed it. Unfortunately, however, this is a never-ending story. We should improve not only our technologies on a daily basis, but also the procedures and processes that allow us to maintain access to information in a concise and coherent way, as well as educate users on how not to fall victim to social engineering and information theft,\u201d says the CEO of SAP Polska. \u201cEmployees should feel responsible for security in the company, both physical and cyber security. But it is also about procedures: clearly defined, transparent procedures that ensure everyone knows their role in the event of a cyber threat or a physical threat. These are areas that require attention and are definitely the responsibility of every entrepreneur.\u201d<\/p>\n
KPMG\u2019s study indicates that in 2026 the largest share of cybersecurity budgets will be allocated to investments in protection against malicious software, employee awareness programmes and internal network security.<\/p>\n
According to experts, such comprehensive investments bring results in many dimensions. This can be seen, among other things, in the decline in the average cost of a data breach. According to IBM\u2019s \u201cCost of a Data Breach Report 2025\u201d, last year the global average cost reached USD 4.4 million, down 9 percent year on year. The main reasons for the decline were faster incident detection and more effective actions aimed at containing incidents and limiting their consequences. However, quickly restoring an organisation\u2019s operations after attacks and reducing the impact of data leaks remain among the most serious challenges.<\/p>\n
\u201cAmong our clients, we have seen cases where restoring basic operational capacity took days, sometimes hours. However, restoring full efficiency and recovering from problems related, for example, to data theft and reputational damage often takes weeks, months or even years. This is particularly true when we are talking about private businesses, whose natural feature is competition on the Polish or foreign market. Loss of reputation directly affects financial results. Rebuilding it, unlike technological and procedural recovery, is much more difficult,\u201d emphasises Piotr Ferszka.<\/p>\n","protected":false},"excerpt":{"rendered":"
Cyberattacks are increasingly aimed not only at companies, but also at critical infrastructure, public administration and sectors responsible for the functioning of the state. Experts emphasise that their consequences go far beyond the financial sphere. Cyberattacks can weaken the competitiveness of economies, the resilience of key systems and the image of countries on the international […]<\/p>\n","protected":false},"author":1,"featured_media":5692,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[3457],"tags":[2974,2789,4653,2767,47,4654,64,2680,4655,2726,2701],"class_list":["post-5690","post","type-post","status-publish","format-standard","has-post-thumbnail","category-security","tag-artificial-intelligence","tag-beyond","tag-cert-polska","tag-element","tag-european-union","tag-piotr-ferszka","tag-poland","tag-polska","tag-sap-polska","tag-target","tag-usd"],"jetpack_publicize_connections":[],"_links":{"self":[{"href":"https:\/\/ceo.com.pl\/en\/wp-json\/wp\/v2\/posts\/5690","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ceo.com.pl\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ceo.com.pl\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ceo.com.pl\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ceo.com.pl\/en\/wp-json\/wp\/v2\/comments?post=5690"}],"version-history":[{"count":1,"href":"https:\/\/ceo.com.pl\/en\/wp-json\/wp\/v2\/posts\/5690\/revisions"}],"predecessor-version":[{"id":5691,"href":"https:\/\/ceo.com.pl\/en\/wp-json\/wp\/v2\/posts\/5690\/revisions\/5691"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ceo.com.pl\/en\/wp-json\/wp\/v2\/media\/5692"}],"wp:attachment":[{"href":"https:\/\/ceo.com.pl\/en\/wp-json\/wp\/v2\/media?parent=5690"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ceo.com.pl\/en\/wp-json\/wp\/v2\/categories?post=5690"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ceo.com.pl\/en\/wp-json\/wp\/v2\/tags?post=5690"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}