{"id":189369,"date":"2026-02-21T06:04:00","date_gmt":"2026-02-21T11:04:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/02\/21\/poland-tightens-cybersecurity-rules-targeting-non-nato-suppliers\/"},"modified":"2026-02-21T06:15:07","modified_gmt":"2026-02-21T11:15:07","slug":"poland-tightens-cybersecurity-rules-targeting-non-nato-suppliers","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/02\/21\/poland-tightens-cybersecurity-rules-targeting-non-nato-suppliers\/","title":{"rendered":"Poland tightens cybersecurity rules targeting non-NATO suppliers"},"content":{"rendered":"

Poland tightens cybersecurity rules targeting non-NATO suppliers<\/a><\/p>\n

https:\/\/notesfrompoland.com\/2026\/02\/21\/poland-tightens-cybersecurity-rules-targeting-non-nato-suppliers\/<\/a><\/p>\n

Publish Date: 2026-02-21 06:04:00<\/a><\/p>\n

Source Domain: notesfrompoland.com<\/a><\/p>\n

Author: <\/a><\/p>\n

Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n

\t\t\t\t\tKeep our news free from ads and paywalls by making a donation to support our work!<\/p>\n

Notes from Poland is run by a small editorial team and is published by an independent, non-profit foundation that is funded through donations from our readers. We cannot do what we do without your support.<\/p>\n

President Karol Nawrocki has signed into law a government bill tightening the national cybersecurity system by barring \u201chigh-risk\u201d vendors \u2013 particularly from non-NATO countries such as China \u2013 from sectors of the economy deemed crucial to the functioning of the state.
\nThe law, which implements a European Union directive and had cross-party backing, has sparked anger among some business groups, who say they will bear the costs of complying with the new rules.
\nCiting these concerns, Nawrocki referred the bill to the Constitutional Tribunal (TK) for review at the same time as signing it.<\/p>\n

Ustawy podpisane przez Prezydenta RP Karola Nawrockiego. pic.twitter.com\/9zdUuOYxlD
\n\u2014 Kancelaria Prezydenta RP (@prezydentpl) February 19, 2026<\/p>\n

Nawrocki highlighted that digital security is now a component of a wider national defence, pointing to the \u201cdramatically\u201d growing number of cyberattacks Poland has faced.
\n\u201cWe live in an era where war does not always start with a gunshot; sometimes it starts with a click,\u201d said the president. \u201cThis act strengthens defence mechanisms, improves institutional cooperation, and allows for the elimination of high-risk suppliers.\u201d
\nLast year\u2019s Microsoft Digital Defense Report found that Poland suffered the most cyberattacks amongst EU countries. Among recent incidents,\u00a0Poland\u2019s power grid was targeted in late December, with the government saying it left the country \u201cvery close to a blackout\u201d.<\/p>\n

Poland suffered a major cyberattack on its power grid at the end of December and “came very close to a blackout\u201d, the government has revealed.
\n\u201cEverything points to Russian sabotage,” says the digital affairs minister https:\/\/t.co\/5FznlYfQww
\n\u2014 Notes from Poland \ud83c\uddf5\ud83c\uddf1 (@notesfrompoland) January 14, 2026<\/p>\n

The legislation in question was first discussed under the former national-conservative Law and Justice (PiS) government. After a new ruling coalition led by Prime Minister Donald Tusk came to power in 2023, work resumed and the bill was finally approved by parliament this year.
\nIn a vote in the Sejm, the more powerful lower house of parliament, last month, 407 MPs voted in favour, with only ten \u2013 mostly from the far-right Confederation (Konfederacja) party \u2013 opposed.
\nAll digital affairs ministers from the last decade, both from the current government and former PiS administration, urged the president, who is alligned with the right-wing opposition, to sign the bill, reports the Rzeczpospolita daily.<\/p>\n

\u00a0
\nThe government says the law is both a response to the rising number of cyberattacks and the need to implement the EU\u2019s Network and Information Systems Directive 2 (NIS 2) directive, which was meant to be done by October 2024.
\nThe main change creates a category of \u201chigh-risk\u201d vendors who will be barred from providing goods or services to sectors considered vital to the state. One criterion for such a designation is a supplier\u2019s origin and whether it is controlled by a country outside NATO.
\nIn media discussion, China\u2019s telecommunications company Huawei has often been cited as a likely target of the rules, prompting the law to be informally dubbed \u201cLex Huawei\u201d.
\nThe company has voiced its opposition to the legislation. In a letter to Tusk and his ministers for foreign affairs, defence, digital affairs and finance, it warned that it reserved the right to arbitration if its economic interests were harmed by the changes.<\/p>\n

Poland has banned Chinese-made vehicles from entering all secure military facilities, citing security threats relating to the gathering of sensitive data.
\nIt has also barred military personnel from connecting their work phones to the systems of such cars https:\/\/t.co\/rtfTkKw6nM
\n\u2014 Notes from Poland \ud83c\uddf5\ud83c\uddf1 (@notesfrompoland) February 19, 2026<\/p>\n

The new rules will cover multiple sectors, including wastewater, postal services, space, and chemical and food production. Affected companies will have to follow stringent requirements, such as reporting incidents, assessing risks, and ensuring management accountability.
\nOnce the law takes effect, state-critical entities that already use products from high-risk suppliers will be required to remove them within seven years.
\nThe president expressed concern about this part of the bill, saying businesses were \u201cobliged to replace hardware and software without compensation and without securing financial resources for this purpose\u201d and that \u201cthe system of administrative penalties provided for in the bill is restrictive.\u201d<\/p>\n

Poland has announced a \u20ac700m \u201ccybershield\u201d to protect critical infrastructure amid increasing attacks from Russia.
\n“We are on the front line of a cyberwar with Russia, which clearly wants to destabilise the situation in Europe,” says the government https:\/\/t.co\/QIO8HkK2iR
\n\u2014 Notes from Poland \ud83c\uddf5\ud83c\uddf1 (@notesfrompoland) June 3, 2024<\/p>\n

Nawrocki was also sceptical about the fact that the law covers 18 economic sectors, which he says goes beyond EU rules. He therefore referred it to the TK, something representatives of 11 business organisations called on him to do in a letter earlier this month.
\nThey argue that being forced to replace equipment, sometimes with costlier alternatives, threatens the competitiveness of Polish companies and amounts to what they called \u201cexpropriation\u201d. This, they argued, violated constitutional protections against excessive and disproportionate interference with property rights.
\nLaws sent by the president to the TK after being signed are reviewed with no set deadline, and the legislation comes into force in the meantime. If and when it eventually rules, the TK can leave the law in force or strike it down in whole or in part.
\nHowever, the current government does not recognise or implement TK rulings, as it regards the body as illegitimate due to the presence of judges unlawfully appointed when PiS was in power.<\/p>\n

President @NawrockiKn has vetoed a bill allowing the blocking of online content, arguing that it would have introduced “Orwellian censorship”.
\nBut the government says the veto is \u201cnot a defence of free speech\u201d but protection for \u201cpaedophiles and scammers” https:\/\/t.co\/OShO07U7SM
\n\u2014 Notes from Poland \ud83c\uddf5\ud83c\uddf1 (@notesfrompoland) January 10, 2026<\/p>\n

Last month, Nawrocki vetoed a separate government bill intended to implement the EU\u2019s Digital Services Act in Poland, saying it threatened free speech by letting officials remove online content. The government argued the law was needed to protect users from harmful content and disinformation.
\nThe decision to sign the latest bill was welcomed by digital affairs minister Krzysztof Gawkowski, who called it \u201ca major step towards greater security for Poland in cyberspace\u201d by \u201cproviding concrete tools for protecting data, public services, and critical infrastructure\u201d.
\nHowever, he also criticised the president\u2019s referral of the bill to the TK, suggesting it was influenced by \u201cthe instigations of foreign lobbyists\u201d.
\n\u201cFor many companies and institutions, this means living in constant uncertainty, having to postpone investments, and being prepared for various legal disputes. However, the state already knows how to cope with such destruction and will quickly and efficiently implement the new solutions provided by the KSC,\u201d he said.<\/p>\n

Po 6 latach prac Polska b\u0119dzie mia\u0142a nowoczesny Krajowy System Cyberbezpiecze\u0144stwa\ud83d\udc4c\ud83d\udcaa To wielki krok w stron\u0119 wi\u0119kszego bezpiecze\u0144stwa Polski w cyberprzestrzeni. Zyskaj\u0105 obywatele, instytucje i firmy.
\nPowstan\u0105 nowe sektorowe zespo\u0142y CSIRT, wzmocnimy koordynacj\u0119 dzia\u0142a\u0144 na\u2026
\n\u2014 Krzysztof Gawkowski (@KGawkowski) February 19, 2026<\/p>\n

Notes from Poland is run by a small editorial team and published by an independent, non-profit foundation that is funded through donations from our readers. We cannot do what we do without your support.<\/p>\n

Main image credit: Marco Verch\/ccnull (under CC-BY 2.0)
\nAlicja Ptak is deputy editor-in-chief of Notes from Poland and a multimedia journalist. She has written for Clean Energy Wire and The Times, and she hosts her own podcast, The Warsaw Wire, on Poland\u2019s economy and energy sector. She previously worked\u00a0for\u00a0Reuters.<\/p>\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

Poland tightens cybersecurity rules targeting non-NATO suppliers https:\/\/notesfrompoland.com\/2026\/02\/21\/poland-tightens-cybersecurity-rules-targeting-non-nato-suppliers\/ Publish Date: 2026-02-21 06:04:00 Source Domain: notesfrompoland.com…<\/p>\n","protected":false},"author":1,"featured_media":189370,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/notesfrompoland.com\/wp-content\/uploads\/2026\/02\/huawei-leading-the-new-wave-of-telecom-tech-with-5g-network-1034488-1920x1182-2-e1771603384861.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24],"class_list":["post-189369","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/189369"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=189369"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/189369\/revisions"}],"predecessor-version":[{"id":189371,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/189369\/revisions\/189371"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/189370"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=189369"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=189369"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=189369"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}