Jacek Jastrzębski, Chair of the KNF, spoke at the presentation of Annual Report on Cybersecurity 2025 prepared by CSIRT KNF. The report summarises the key threats and trends in cyberspace and describes actions taken by CSIRT KNF to ensure cybersecurity of the financial market and financial service users.

Jacek Jastrzębski has emphasised that the presentation of the CSIRT KNF report is not only an opportunity to sum up the activities taken by the team last year, but also a moment of reflection on changes that are being witnessed in the financial sector. The event is of special importance as it aligns with the celebration of the 20th anniversary of the KNF, which is an occasion to look at long-term evolution of the financial market in the area of digitalisation.

Jacek Jastrzębski pointed out that the role of technology in the financial sector had changed significantly throughout those years. The technology ceased to play a mere ancillary function but became a key element of financial institutions’ functioning. Along with the development of technology, there came new threats which have gained even more importance recently due to geopolitical tensions. The financial sector often finds itself at the front of cyber operations, which is why it must act as the first line of defence and serve as a shield for the entire economy and society. 

The Chair of the KNF also recalled the circumstances of establishing CSIRT KNF and noted that this had been a pioneer initiative, undertaken long before cybersecurity became a universally acknowledged priority. He expressed the conviction that the financial supervisor’s decision about early investments in this area had proved right as it had allowed for building competence in relatively calm times. He also emphasised that CSIRT KNF did not limit itself to responding to incidents, but it also played a role of a nexus for cooperation, exchange of knowledge and competence building, bringing public institutions and the financial sector together.

Jacek Jastrzębski also discussed the most important trends in the area of cyberthreats. He has noted that increasingly often attacks waged by cybercriminals are not targeted directly at financial institutions but their clients, who fall prey to manipulation and social engineering. He has added that the security of third-party service providers has become a major challenge. 

Jacek Jastrzębski has also underlined that even the most advanced cybersecurity structures cannot eradicate threats completely, which is why it is extremely important to educate users of financial services and raise their awareness. In this context, he pointed to the need to stay vigilant and use critical thinking in daily operations in cyberspace. 

When summarising his speech, the Chair of the KNF has emphasised that the financial sector is facing further challenges related to regulatory changes, such as implementing new cybersecurity solutions. At the same time, he declared readiness to cooperate and share experience with other institutions, in particular those that are building and will be building their sector-specific CSIRT teams. He has said that despite successes achieved in the area of cybersecurity in the Polish financial sector, it is necessary to further improve systems and competences and constantly raise awareness among users.

See the full CSIRT KNF report here.