The new EU Cyber Security Directive (so-called “NIS II”) came into force on 16 January 2023. Member states, including Poland, are required to implement it into national law by October 2024.
NIS II expands the scope of businesses covered by cyber security obligations. It will cover the transport industry to a wider extent than before. In rail transport, the directive will cover, among others, operators of service facilities or those providing services to railway undertakings. In maritime transport, it will cover shipowners, vessel traffic system operators, port and port infrastructure managers as well as individuals performing work and operating equipment located in ports.
Meeting cyber security obligations may require significant investment in IT departments. To prepare for this, entrepreneurs should already verify at this stage whether they are within the scope of the Directive.
Should you have any questions, please contact:
Attorney at law
+48 91 886 24 01