photo
19.06.2026

Cybersecurity and personal data protection at CYBERSEC EXPO & FORUM 2026

Mirosław Wróblewski, President of the Personal Data Protection Office, took part in the panel discussion ‘Cyber Portrait of Polish Business 2026’, organised as part of the CYBERSEC EXPO & FORUM 2026 conference. The event took place on 15 June 2026 at the International Congress Centre in Katowice. Cybersec is one of the largest conferences dedicated to cybersecurity in Central and Eastern Europe.

During the discussion, the President of the Personal Data Protection Office pointed out that cybersecurity and the protection of personal data are inextricably linked. He emphasised that incidents such as ransomware attacks, phishing and unauthorised access to systems can lead not only to disruptions to an organisation’s operations, but also to serious infringements of the rights of data subjects.

“The European Data Protection Board explicitly identifies ransomware as a common cause of personal data breach notifications, as such an attack may involve the encryption of personal data and a demand for a ransom in exchange for its recovery,” emphasised Mirosław Wróblewski.

The President of the Personal Data Protection Office pointed out that effective data protection requires the development of a security culture throughout the organisation. Cybersecurity cannot be treated solely as a task for the IT department. It should form part of strategic risk management, involving both senior management and staff.

“A cyberattack could affect business continuity, obligations towards customers, relationships with business partners, legal liability, reputation and the rights of data subjects,” he added.

Referring to the development of artificial intelligence, Mirosław Wróblewski emphasised that AI can support business growth, but at the same time increases the risk of cyberattacks and unauthorised data disclosure. Organisations therefore need not only security tools, but also clear policies on the use of AI, rules for classifying information, and training that highlights specific risks.

The President of the Personal Data Protection Office also pointed out that people – customers, employees, users and citizens, whose privacy and security depend on the maturity of organisations – should remain at the heart of any discussion on cybersecurity.

The discussion confirmed that business, new technologies and the protection of personal data form a shared ecosystem in which information security is the cornerstone of responsible organisational management.