On 23 March, the UKNF hosted the presentation of Annual Report on Cybersecurity 2025 prepared by CSIRT KNF. Speeches were delivered by Krzysztof Gawkowski – Deputy Prime Minister, Minister of Digital Affairs, Government Plenipotentiary for Cybersecurity, and Jacek Jastrzębski – Chair of the KNF. They referred to the importance of cybersecurity in the context of financial market stability.

The introduction to the report given by Paweł Piekutowski, Deputy Director of the Cybersecurity Department, was followed by the presentation of the report by Karol Paciorek, Manager at the Cybersecurity Department.

Jacek Jastrzębski has underlined that even the most advanced cybersecurity structures cannot eradicate threats completely, which is why it is extremely important to educate users of financial services and raise their awareness. In this context, he pointed to the need to stay vigilant and use critical thinking in daily operations in cyberspace. He has said that despite successes achieved in the area of cybersecurity in the Polish financial sector, it is necessary to further improve systems and competences and constantly raise awareness among users. See the full coverage of the speech.

Krzysztof Gawkowski – Deputy Prime Minister, Minister of Digital Affairs, Government Plenipotentiary for Cybersecurity, has indicated that cooperation and teamwork are of key importance in the area of cybersecurity and good protection of the state would not be possible without them. Minister Gawkowski has emphasised that among entities belonging to the cybersecurity network, CSIRT KNF is ‘one of the most stable, well-organised, and ensuring full support for the cybersecurity of the Republic of Poland’.

He has reminded the audience that cybersecurity knows no borders, and Poland is the most attacked country in the European Union. It is a country that is currently involved in cyber warfare, which affects each and every area of the country’s activity. Even though Poland is assessed very high in terms of its cybersecurity sector, it is necessary to focus on the development of this area. The Minister has emphasised that no effective ransomware attack breaking security safeguards was carried out last year. ‘This is very important and shows how many financial resources and how much support flow from your sector for the purpose of building the digital resilience of the state. Not least that Poland ranks first in the European Union when it comes to the number of mobile and online transactions.’

Minister Gawkowski addressed Jacek Jastrzębski, Chair of the KNF, and thanked him for the initiative and for being the mobilising force for financial market institutions’ investing in their hardware, tools, and human resources. ‘In CSIRT KNF, dedication to this matter is a concern that affects every citizen. I would like to thank you that you voluntarily step up to the task when we need support and you are always up to the job,’ the Minister said.

The subject of cooperation and knowledge sharing was also referred to by PawełPiekutowski, who declared readiness to take actions in that area. ‘Cybersecurity is about being on the same team, and national-level CSIRT teams and sectoral CSIRT teams form a single “immunological system” when it comes to the cybersecurity of the entire country. The level of cyber resilience of the entire country depends on how we talk to each other and how we share information.’

KarolPaciorek, Manager of CSIRT KNF, presented Annual Report on Cybersecurity 2025. He emphasised that each new convenient solution, new tool or new functionality offered by financial market entities might also be an attack vector used by cybercriminals. He drew the attention of the audience to the professionalisation of cybercrime, for instance, automation achieved through the use of AI tools, which makes attacks much less expensive. He indicated that victim profiling became increasingly common, in particular through social media.

***

In 2025, CSIRT KNF requested the blocking of 41 751 domains (96.3% of all domains reported concerned fake investments) and 9 751 fraudulent ads, issued 625 CSIRT KNF warnings for the financial market, identified 787 DDoS attacks against the financial sector and reported 274 ICT incidents (under DORA).

We invite you to read Annual Report on Cybersecurity 2025here.