Security for the institutions citizens rely on
KSC, NIS2, procurement security, citizen data and critical services. We work in the regulatory reality of the Polish public sector — and deliver programs that land.
Who is it for?
- Central government offices
- Local authorities (województwa, powiaty, gminy)
- Public agencies and funds
- Universities and research institutes
- Public healthcare and utilities
Outcomes for public bodies
KSC and NIS2 alignment
Act on the National Cybersecurity System (KSC) plus NIS2 obligations — we map both into a single program.
Procurement security
ICT procurement SIWZ / OPZ drafting, supplier evaluation, contract clauses that actually protect you.
Citizen data protection
GDPR and Polish UODO expectations — access control, retention, DPA, breach response.
Critical services continuity
Tabletop exercises with the supervisory board and IT, ransomware and DDoS scenarios.
Budgetable program
We write the program so it fits the annual budget cycle and the public procurement calendar.
Audit coordination
Coordination with NIK, supervisory bodies and sectoral regulators — we prepare the responses.
Working inside the public sector reality
- 01
Regulatory scoping
KSC, NIS2, sectoral acts, internal directives, GDPR — the full regulatory picture.
- 02
Risk assessment
Asset inventory, critical services mapping, threat modelling (ransomware, DDoS, insider, nation-state).
- 03
Program & procurement
Program design that fits the budget cycle. Procurement documents drafted with security baked in.
- 04
Delivery & drills
Policies, training, pentests, tabletops. Annual review and audit coordination.
Frequently asked questions
Do you work with public procurement (PZP) processes?
Can you coordinate with NASK / CSIRT NASK / CSIRT GOV?
We have very limited budget — what is the minimum viable program?
Can you train our staff during working hours?
How is this billed?
Start with a public-sector scoping call
30 minutes — we map KSC, NIS2 and sectoral obligations and propose a budgetable program.