Restrictive cyber security regulations – risky non-EU equipment to be replaced?

Dziennik Gazeta Prawna reports that thousands of companies in industries seemingly unrelated to new technology will have to check whether they have devices or hardware classified as risky and replace it if necessary. The whole issue relates to the NIS Directive introduced in 2018, which was a response to the strong development of digitalisation; in Poland, the assumptions of the NIS Directive were implemented by the Act on the National Cyber Security System (KSC).

The changes which have been consulted by the Ministry of Digitalisation will impose obligations in this regards on businesses in a wide range of sectors, including i.a. banking, transport, food and chemicals.
The Minister for Digitalisation may, at his discretion or through a procedure he may initiate at the request of the government, identify certain manufacturers, importers or distributors as ”high-risk vendors”.

One aspect of the analysis of suppliers will be the probability of them being under the control of a country outside the borders of the European Union or the North Atlantic Treaty Organization. The topic has already been widely reported by Huawei, a Chinese manufacturer of consumer electronics and IT equipment and solutions.

In view of the above, we would like to reassure our partners and customers that the described activities will not affect the customers of HALNY Networks’ products, designed at the territory of European Union, and the brands itself, which has been dynamically developing since 2015. At the same time, we encourage you to choose and cooperate with w European producer, which can be of considerable importance when planning orders for long-term projects and investments.

More information you can find in the sources (in Polish):