NIS2 / UKSC and Management Board Liability
NIS2 and the amendment to the National Cybersecurity System Act (UKSC) are not just another set of regulations for the IT department — they are laws that explicitly designate a management board member as the person responsible for the organization’s cybersecurity. Approving security measures, supervising their implementation, and understanding the regulatory requirements are now responsibilities that rest personally with you — regardless of whether your organization has a dedicated security department.
On June 18, we invite you to an expert meeting dedicated specifically to this perspective. During the event, experts will address the real questions management boards ask themselves: Does my organization fall under the law? What personal liability do I face? What does a cyberattack look like from the attacker’s perspective? And what does the law require from me before such an incident occurs?
The event will feature lawyers specializing in NIS2 and UKSC, as well as experts with many years of operational experience in cyber risk management. Three expert sessions, each with dedicated Q&A segments, will give participants the opportunity to receive answers tailored to their industry and risk profile — not just listen to lectures.
Agenda
9:30–9:45
Opening and welcome remarks
9:45–10:15
BLOCK I: The Cyber Threat Landscape
Bartosz Pastuszka, NaviRisk
- Types of attacks
- Threat actors
- Defense strategies and the role of humans in the age of automation
10:15–10:25
Q&A
10:25–11:05
BLOCK II: Legal Perspective
Aneta Kiser, Marcin Kroll, Rafał Wieczerzak, LYNX
Part 1: Who Is Covered by the Regulation?
- Classification of essential and important entities
- Sector and company-size criteria
- Relationships within corporate groups
11:05–11:15
Q&A
11:15–11:55
BLOCK III: Operational / Implementation Perspective
Jan Kostrzewa, B3 Consulting Poland Sp. z o.o.
- Quick wins in building organizational resilience against cyber threats
- What regulators will consider “critical” after the implementation of KSC 2.0 — key priorities to focus on first
- How to plan implementation without chaos and unnecessary costs — a practical action roadmap for C-level executives
11:55–12:05
Q&A
12:05–13:00
Networking
The meeting is open to member companies of the Scandinavian-Polish Chamber of Commerce. Participation is free of charge, but registration is mandatory. The number of seats is limited.
The event will be conducted in Polish.
Bartosz Pastuszka
Managing Partner – CEO, NaviRisk
Expert in crisis management, business security, and competitive intelligence. Since 2017, he has served as President and Managing Partner at NaviRisk and Eastshield. He was the first director of the legendary Pinkerton detective agency in Poland and Central and Eastern Europe. He completed elite courses in Critical Incident Stress Management and Resilient Leadership at the University of Maryland, as well as Cybersecurity studies at Harvard University. He is a graduate of the Faculty of Management at the University of Warsaw.
Aneta Kiser
Associate, LYNX
Legal counsel specializing in new technologies law, data protection, and cybersecurity. Her practice covers technology contracts, IP management, and compliance for businesses in the IT and e-commerce sectors. She advises on NIS2 and KSC implementations as well as building organizational regulatory resilience.
Marcin Kroll
Partner, Advocate, LYNX
Attorney specializing in cybersecurity law, IT contracts, and EU regulations (NIS2, AI Act, GDPR). He advises clients from the IT, manufacturing, and e-commerce sectors on compliance and technology transactions. He is also an academic lecturer and speaker at international conferences.
Rafał Wieczerzak
Lawyer, LYNX
Lawyer specializing in IT law, cybersecurity, and intellectual property. He advises on technology contracts, rights transfers, and licensing. He supports companies in complying with cybersecurity regulations, including NIS2 and the National Cybersecurity System Act (UKSC). He is also a PhD candidate researching the application of AI in civil judiciary systems.
Jan Kostrzewa
Co-founder of B3 CyberSecurity
Co-founder of B3 CyberSecurity and member of the Council for New Technologies and Digitalization under the President of the Republic of Poland. Former CISO of an institution employing 55,000 people. Holds CISSP and CompTIA Security certifications. He has unique experience in both the private and public sectors. He has trained more than 30,000 employees and conducted numerous penetration tests. He is also co-creator of Poland’s first satellite, PW-Sat, and author of publications on artificial intelligence and information security.
