About the Journal
Editorial Board
Scientific Council
Reviewers
Ethical Code
AI Policy
Special Issue
GDRP - information on the processing of personal data
Terms of the journal
Indexing
Licenses & Access
Archive
For Authors
Publishing Policy
Technical instruction for the authors
Agreement CC BY-SA
Copyright statement
Publication procedure
Peer Review Process
Reviewer’s form .doc
Reviewer’s form .pdf
Contact
About the Journal
Editorial Board
Scientific Council
Reviewers
Ethical Code
AI Policy
Special Issue
GDRP - information on the processing of personal data
Terms of the journal
Indexing
Licenses & Access
ORIGINAL PAPER
Cybersecurity incident management in local government units
1
University of the National Education Commission Krakow
2
John Paul II University in Biala Podlaska
3
Andrzej Frycz Modrzewski University in Krakow
4
University of Siedlce
These authors had equal contribution to this work
Submission date: 2025-05-20
Final revision date: 2026-02-10
Acceptance date: 2026-02-17
Publication date: 2026-04-18
JoMS 2026;65(1):167-190
KEYWORDS
TOPICS
ABSTRACT
Objectives:
The aim of the article is to analyze the organizational, legal and technological conditions of security incident management in local government units and to identify barriers hindering effective response to contemporary threats
Material and methods:
The literature analysis included a review of scientific publications in the field of information security, crisis management, public administration and cybersecurity, as well as normative documents (such as the Act on the National Cybersecurity System, GDPR, KRI Regulation) and reports of public institutions – in particular the comprehensive report of the Supreme Audit Office of 2025 on the state of security of IT systems in local government units. This analysis made it possible to capture organizational standards, applicable regulations and existing recommendations for incident response, as well as to identify gaps and inconsistencies in the existing solutions. This analysis was complemented by the use of the case study method, which analysed selected security incidents that occurred in various local government units in Poland.
Results:
It becomes necessary to develop procedures and mechanisms that enable quick identification of the incident, assessment of its nature and scale, as well as effective response and removal of the consequences. Responsibility for these actions lies largely with local authorities.
Conclusions:
The final conclusion is the need to treat incident management not as an episodic technical activity, but as an integral component of the local security strategy. In the era of digital transformation and complex security threats, competent incident management is becoming a basic condition for the sustainable and effective functioning of local government administration.
The aim of the article is to analyze the organizational, legal and technological conditions of security incident management in local government units and to identify barriers hindering effective response to contemporary threats
Material and methods:
The literature analysis included a review of scientific publications in the field of information security, crisis management, public administration and cybersecurity, as well as normative documents (such as the Act on the National Cybersecurity System, GDPR, KRI Regulation) and reports of public institutions – in particular the comprehensive report of the Supreme Audit Office of 2025 on the state of security of IT systems in local government units. This analysis made it possible to capture organizational standards, applicable regulations and existing recommendations for incident response, as well as to identify gaps and inconsistencies in the existing solutions. This analysis was complemented by the use of the case study method, which analysed selected security incidents that occurred in various local government units in Poland.
Results:
It becomes necessary to develop procedures and mechanisms that enable quick identification of the incident, assessment of its nature and scale, as well as effective response and removal of the consequences. Responsibility for these actions lies largely with local authorities.
Conclusions:
The final conclusion is the need to treat incident management not as an episodic technical activity, but as an integral component of the local security strategy. In the era of digital transformation and complex security threats, competent incident management is becoming a basic condition for the sustainable and effective functioning of local government administration.
License
REFERENCES (18)
1.
Jańczuk, L. (2015). Samorząd terytorialny w systemie bezpieczeństwa publicznego. W: E.M. Guzik-Makaruk, E.W. Pływaczewski (red.). Współczesne oblicza bezpieczeństwa (s. 325–335). Białystok: Wydawnictwo Temida 2.
2.
Kwiecińska, M., Ordyniec, E., Żurawski, S. (2023). Cyberzagrożenia jako główna determinanta bezpieczeństwa społecznego. W: J. Wołejszo, K. Rejman, M. Wilczyńska (red.). Bezpieczeństwo informacji wobec współczesnych zagrożeń (s. 131–156). Kalisz: Kaliskie Towarzystwo Przyjaciół Nauk, Akademia Kaliska im. Prezydenta Stanisława Wojciechowskiego.
3.
Mickiewicz, P. (2020). Bezpieczeństwo społeczności lokalnych. Organizacja systemy i projektowanie działań. Poznań: Wydawnictwo Naukowe FNCE.
4.
Mróz, B. (2017). Rola i zadania organów administracji samorządowej w systemie bezpieczeństwa publicznego. W: M. Sitek, E. Feret, J. Dobkowski (red.). Wydawanie aktów administracyjnych jako forma realizacji zadań samorządu terytorialnego (s. 111–124). Józefów: Wyższa Szkoła Gospodarki Euroregionalnej im. Alcide De Gasperi.
5.
Żurawski, S., Ciekanowski, Z. (2023). Wpływ zagrożeń w cyberprzestrzeni na bezpieczeństwo państwa. W: D. Brążkiewicz, J. Nowicka, Z. Ciekanowski, L. Elak (red.). Współczesne wyzwania dla bezpieczeństwa państwa (s. 9–27). Warszawa: Wydawnictwo im. Profesora Leszka Krzyżanowskiego Menedżerskiej Akademii Nauk Stosowanych w Warszawie.
6.
Żurawski, S., Ciekanowski, Z. (2022). Zarządzanie bezpieczeństwem informacyjnym w jednostkach samorządu terytorialnego. W: J. Wołejszo, K. Rejman, M. Wilczyńska (red.). Ryzyko i niepewność w bezpieczeństwie informacji (s. 365–379). Kalisz: Kaliskie Towarzystwo Przyjaciół Nauk.
8.
Cichonski, P., Millar, T., Grance, T., Scarfone, K. (2012). Computer security incident handling guide (NIST Special Publication 800-61 Rev. 2). National Institute of Standards and Technology.
9.
Ciekanowski, M., Gruchelski, J., Nowicka, J., Żurawski, S., Pauliuchuk, Y. (2023). Cyberspace as a Source of New Threats to the Security of the European Union. European Research Studies Journal, 26(3), s. 782–797.
10.
European Union Agency for Cybersecurity. (2023). Good practices for incident management. ENISA. Retrieved May 20, 2025.
11.
Gerwatowski, J. (2019). Bezpieczeństwo informacyjne w jednostkach samorządu terytorialnego. Studia Prawnoustrojowe, 44, s. 89–106.
12.
Hoffman, I. (2020). Cseh K.B. E-administration, cybersecurity and municipalities – the challenges of cybersecurity issues for the municipalities in Hungary.Cybersecurity and Law, 4(2), s. 199–211.
13.
Karpiuk, M. (2021). Cybersecurity as an element in the planning activities of public administration. Cybersecurity and Law, 1, s. 45–52.
14.
Klonowska, I., Hytrek, A. (2008). Policja a cyberprzestrzeń. Kwartalnik Policyjny, 2, s. 18–20.
15.
Nowicka, J., Kopczewski, M., Ciekanowski, Z., Król A. (2023). Cyberspace and Related Threats. European Research Studies Journal, 2, s. 421–435.
16.
Rozwadowski, M. (2014). Bezpieczeństwo społeczności lokalnych oraz działania zmierzające do jego poprawy. Kultura Bezpieczeństwa. Nauka–Praktyka–Refleksje, 15, s. 243–252.
17.
Shaw, K., Maythorne, L. (2012). Managing for local resilience: towards a strategic approach. Public Policy and Administration, 28(1), s. 43–65.
18.
Włodyka, E. (2022). Gotowi – do startu – start? Przyczynek do dyskusji nad gotowością jednostek samorządu terytorialnego do zapewniania cyberbezpieczeństwa. Cybersecurity and Law, 1(7), s. 202–219.
Share
RELATED ARTICLE
| eISSN: | 2391-789X |
| ISSN: | 1734-2031 |
We process personal data collected when visiting the website. The function of obtaining information about users and their behavior is carried out by voluntarily entered information in forms and saving cookies in end devices. Data, including cookies, are used to provide services, improve the user experience and to analyze the traffic in accordance with the Privacy policy. Data are also collected and processed by Google Analytics tool (more).
You can change cookies settings in your browser. Restricted use of cookies in the browser configuration may affect some functionalities of the website.
You can change cookies settings in your browser. Restricted use of cookies in the browser configuration may affect some functionalities of the website.
