Cybersecurity and the scope of designing information security systems in the organization

The phenomenon known as cybercrime is gaining momentum over time, becoming an increasing threat to the security of the twenty-first century. The problem is growing and is becoming a growing challenge both for the legislator, who is required to take steps in the field of legal regulations, and for law enforcement agencies, which are expected not only to ensure security, but also to counteract the phenomenon of cybercrime. It is not the right question if, but when, a cyberattack will occur. It is necessary to be properly prepared for its early identification and proper reaction. This reality places new demands on the organization, which is currently forced to design and operate information processing systems in secure cyberspace. The huge impact on information security organizations cannot be underestimated, every smallest decision in the organization is based on the flow of information, including in ICT sys- tems. Taking into account the above, information was taken into account as a decisive factor determining the functioning of the organization. According to the authors, such an assumption requires describing the impact of information security management on the proper, efficient functioning of the organization in cyberspace. Increasingly, the concept of information is becoming a key category, a central point of consideration, which is a set common to research conducted at the interface of various fields and scientific disciplines. When discussing the organization of its operation and functioning, it is impossible to undertake this discussion without specifying the role of information in it, including that processed in ICT systems. The aim of this article is to answer the research problems posed: 1. How is cybercrime shaping up in Poland? 2. What are the threats in cyberspace for organizations? 3. How do organizations counter threats in cyberspace? 4. How organizations should counter threats in cyberspace 5. How were the solutions of the EU Directive transposed into the national legal order? The formulation of research problems made it possible to generate the main adopted goal of the research, which is to analyze the solutions adopted in organizations and their impact on cyberspace security. In addition, the issue was presented, in terms of the practical application of the applicable standards in this area. As part of the research, the method of analyzing literature and documents relat- ing to the studied issues and diagnostic survey was used. In addition, as part of the participatory observation, experience from participation in the implementations of the solutions described in the article was indicated and, on their basis, the following research hypothesis was formulated: Information security management determines the provision of cybersecurity in the organization, which makes it necessary to implement the applicable norms and standards in this area.