Cybersecurity is no longer solely a technical area; today it is part of management accountability, a regulatory obligation, and a real operational risk. DORA, NIS2, and the Act on the National Cybersecurity System (UKSC) introduce specific requirements concerning governance, incident management, supply chain oversight, resilience testing, and documentation.
We help organisations translate these regulations into practical, working solutions: clear accountability frameworks, procedures, documentation, and contracts with suppliers. We work closely with security, IT, compliance, and procurement teams and with management boards, so that the organisation is prepared for audits and supervisory inspections as well as for real-life incidents.
What We Help With in Regulatory Cybersecurity
DORA – financial entities and ICT service providers
We design DORA compliance models: governance structures, ICT risk management frameworks, incident handling, digital operational resilience testing, and oversight of ICT third-party providers.
NIS2 / amendment to the UKSC – implementation of obligations and preparation for supervision
We determine whether an organisation falls within the scope of NIS2 (essential or important entity), and then build a tailored set of obligations, documentation, and procedures aligned with the scale of operations. We support the practical implementation of UKSC requirements, taking into account the operational realities of the organisation.
Incidents and notification obligations
We assist from the very first hours — incident qualification, legal decision-making, preparation of notifications, contact with CSIRT and supervisory authorities, communication scenarios, and mitigation of liability risks.
ICT suppliers and outsourcing
We review and negotiate contracts with technology providers, including cloud and managed services, ensuring regulatory compliance across the entire supply chain.
Readiness audit and gap assessment
We conduct gap analyses, prepare implementation roadmaps, and support organisations in closing identified compliance gaps.
Scope of support
- Designing compliance with DORA, NIS2, and UKSC (compliance by design)
- ICT risk analysis, gap assessments, and implementation roadmaps
- Incident response and notification handling
- IT/ICT and outsourcing contracts (including cloud and managed services)
- Vendor management: security requirements, audits, subcontractors, exit plans
- Policies and procedures: governance, incident management, access control, change management, BCP/DR, reporting
- Preparation for audits and supervisory inspections, and support in due diligence
- Training for management boards and key teams
- Disputes and negotiations following incidents, including disputes with technology providers

