Are you a Critical Service Operator? Entrust us with the service!

What do we offer?

We provide comprehensive support in implementing the National Cybersecurity System Act. With the knowledge and experience of PBSG experts, your organization will build the required organizational and technical capacity to ensure the appropriate level of security for the information system used to provide critical services. We will conduct a security audit, perform a risk analysis, and identify critical areas that could impact the availability of the critical service. Finally, we will prepare and update the documentation required by the KSC Act and train your personnel. We will also be at your disposal for further consultations or new organizational needs. Leverage our expert knowledge and gain confidence that your organization meets the requirements of the KSC Act.

Take advantage of our experience and raise your cybersecurity standards.

How we work?

1. Zero audit

We will collect, analyze, and assess the current state of the information system used to provide the critical service. We will review the service itself, the IT system, tools, administration, incident management, and information security management. We will identify risks that may impact business continuity, including criminal threats. A full audit report will be prepared, highlighting necessary changes to ensure your organization meets the requirements of the KSC Act. We work in accordance with international standards, including ISO 9001, 27001, 22301, and the cybersecurity process maturity assessment COBIT.

2. Impact analysis and risk assessment for Critical Service OUK

We will define the risk analysis methodology, assess the likelihood of threats occurring, and prepare contingency plans for crisis situations that may impact the delivery of your service. In the end, you will receive a report from us with a register of assets supporting information systems, a list of threats, and a summary of the risk assessment, including a description of identified risks and their categorization.

3. Documentation of the security management system

We will prepare the required documentation under the law regarding the cybersecurity of the information system and the protection of the infrastructure used to provide the critical service. We will also analyze the existing documentation and applied standards and update them if necessary. We keep bureaucracy to a minimum, so you can be sure that you will receive the essential and practical documentation tailored to the specifics of your organization.

4. Training for critical service operators

We will train your staff, raising awareness of potential threats and pointing out strategies for risk management and crisis situations. Your employees will gain knowledge of the national cybersecurity system and the skills necessary to ensure the appropriate level of security for the critical service provided. At the end of the training, each employee will receive a relevant certificate.

Let's talk about your project! Fill out the form

What else do we offer?

We will help implement cybersecurity in your organization or its individual components. Check out our offer for other services related to cybersecurity.

Why us?

Knowledge and experience

Our team has gained extensive experience in implementing cybersecurity over many years through projects across various industries and organizations of different sizes.

Tailored services

We implement cybersecurity solutions tailored to the expectations and needs of your organization.

Favorable conditions

We will adjust the pricing and schedule for cybersecurity services to fit your budgetary capabilities.

We work as equals!

We fully understand the goals and challenges of Polish organizations in the field of cybersecurity. We are a 100% Polish organization ourselves.

They trusted us

Learn more

Why should a security analysis of critical services be performed?

The National Cybersecurity System Act came into force on July 5, 2018, and implements the EU Directive 2016/1148(1). According to this law, critical service operators are required to implement documentation regarding the cybersecurity of the information system used to provide the critical service, in compliance with the requirements of standards PN-EN ISO/IEC 27001 and PN-EE ISO 22301, as well as to assess the cybersecurity risks and implement appropriate safeguards.

Who is the support for meeting the requirements of the KSC Act intended for?

The service is aimed at operators of critical services (UOK), which include entities providing services of vital importance for maintaining critical social or economic activities, such as service providers in the energy, transport, banking, financial market infrastructure, healthcare, drinking water supply and distribution, and digital infrastructure sectors. The National Cybersecurity System Act also covers providers of digital services (DUC), for whom we have prepared a separate offer.

What is the scope of support for critical service operators?

The scope of support covers areas specified in the law, for which critical service operators have defined obligations. This includes, among other things, risk management and assessment, implementation of appropriate technical and organizational measures (e.g., maintaining system and environment security), gathering information about cybersecurity threats and vulnerabilities to incidents, and cooperation with CSIRT (the governmental Computer Security Incident Response Team). The support service thus includes a full audit, analysis, and documentation, along with the preparation of procedures necessary for risk management and ensuring the maximum level of security for the system used to provide the critical service.

What benefits does a security audit and analysis bring?

Thanks to the security audit and analysis, your organization will gain confidence that it meets the requirements of the National Cybersecurity System Act. We offer support that will help you understand the goals and requirements for operators of essential services, and as a result, adapt your system and infrastructure, risk management practices, communication, and documentation to comply with the KSC Act. This will enable you to provide secure services and build a significant competitive advantage.

How much does support for operators of essential services cost?

Support in the area of security for operators of essential services depends on factors such as the size of the organization, the nature of its activities, the market environment, and the complexity of its processes. We provide a tailored pricing estimate, taking into account the scope of work and the timeline.

How long does the audit and risk analysis take for an essential service operator?

The audit and security analysis of information systems typically takes up to a few weeks. The timeline depends on the size of the organization and the specifics of the project. We tailor the work schedule to meet the specific expectations of your organization.

Comprehensive support for critical service operators