Asseco Poland, a national giant mainly associated with the digitisation of the banking sector and public institutions, has been operating at the highest level of secrecy for years, providing solutions for NATO and FRONTEX. How do you build trust in your relationship with the special services? Why does Poland’s technological sovereignty depend on the retention of licences over the Vistula, and where does the inviolable limit of artificial intelligence autonomy on the battlefield lie?
On this and the realities of competing on the digital training ground – in an interview with Dariusz Darnowski, Director of the Security Office Solutions Division at Asseco Poland.
Klaudia Ciesielska, Brandsit: Asseco is an IT giant that we know mainly from the banking and public administration sectors. How, from the level of the Security Sector Solutions Division, are the military and the Ministry of Defence being persuaded today that a civilian ‘software house’ is as critical and reliable a partner in the creation of national security as the traditional armaments companies?
Dariusz Darnowski, Asseco Poland: The Polish Army has a Cyber Defence Command, which is responsible, among other things, for the construction and operation of IT systems. There is an internal military softwarehouse within this structure. I believe that combining in-house resources with the opportunities offered by the civilian sector is very beneficial for both parties. An experienced technology partner can bring a different perspective on military projects and use the experience gained in other markets. It is worth noting that Asseco serves many organisations in critical industries such as energy, utilities, healthcare, banking or public administration. We are responsible for the operation of the KSI ZUS or KRUS systems, which are critical to the operation of the state. This is a huge responsibility.
In addition, cooperation with the civilian sector allows for the diversification of software sources, which increases the resilience of the military IT ecosystem. It should also not be forgotten that, in the event of an emergency, the private sector is often involved in security efforts. It is therefore worth ensuring that IT professionals have the right competencies that can prove useful in crisis situations.
“Polish companies have the knowledge, experience and capabilities to create cutting-edge software. It is important that the licences for elements of these solutions remain in the hands of Polish companies.”
For years, we have observed fruitful cooperation between the military and business in countries that boast a well-developed defence industry. Polish companies have the knowledge, experience and capabilities to create state-of-the-art software. It is important that licences for elements of these solutions remain in the hands of Polish companies. This way, they will be able to create derivative products and offer them around the world, just as large corporations from Western Europe and North America do. In this way, we support the export capabilities of Polish industry, and part of the investment in solutions purchased by the military returns to the state budget in the form of taxes paid by companies.
K.C.: As the President of Asseco DS – Andrzej Dopierała – stated, absolute trust in a technological partner plays a key role in digitisation today. Asseco is one of the few Polish IT companies with dozens of direct projects for international institutions, and your CSD EP data exchange system was successfully verified during the CWIX manoeuvres. How does this trust build in your relations with the special services and NATO?
D. D.: The military and the services, both nationally and internationally, issue the appropriate certificates giving authority to work with classified information. In order to obtain them, you have to go through a detailed verification process. Our team includes experts with the right qualifications. As Asseco, we have industrial security certificates, ISO, AQAP (issued by NATO) or WSK (Internal Control System) certificates for dual-use goods – civilian and military.
For the past four years, Asseco employees have been taking part in the Coalition Combat Interoperability Exercise (CWIX), one of the largest and most important training exercises in the North Atlantic Alliance. On the digital training ground, they test Coalition Shared Data (CSD) systems, which are solutions for intelligent analysis and exchange of reconnaissance data, checking their compliance with NATO standards. Every year we are accredited to operate in the classified network. In addition, we have been cooperating with the FRONTEX agency for years on projects aimed at protecting the external borders of the European Union.
K.C.: Poland is to receive nearly €44 billion from the SAFE programme. From your perspective, what needs to happen for us to develop our own source codes in the command area in Poland thanks to these funds, and not just act as a subcontractor for technology from the West?
D.D.: We are counting on some of the funds from the SAFE programme or any other programmes for financing investments in the defence sector going to Polish companies, including IT companies. Such an approach increases the security of our country and at the same time supports the development of Polish solutions for the defence sector. Thanks to its own products, Poland will become more independent and resistant to the geopolitical situation.
In the case of technology, the army gains more control over the development and maintenance of key systems. The situation in Ukraine shows that in the case of war, changes need to be made even on a daily cycle and respond dynamically to the actions of the enemy. It is worthwhile for the team responsible for this to be located close to decision-makers from the army.
“It is worth trusting domestic suppliers to create a solution tailored to the specific needs of the Polish military, but it is important to bear in mind that this takes time.”
However, this requires a certain change of mindset. Foreign companies often have a ready-made solution that has already been implemented in their countries of origin, for example. This makes it easier to make a purchase decision. Polish companies find it more difficult to boast of such projects. It is worth trusting domestic suppliers to create a solution tailored to the specific needs of the Polish military, but it should be borne in mind that this takes time.
K.C.: Modernisation programmes, such as the Wisła and Narew air defences or the Miecznik frigates, are based on the integration of Western equipment with Polish command networks. Where in this complex “system of systems” does Asseco see its main integration tasks?
D.D.: Primarily in the area of data storage, integration and exchange, processing and correlation. This is what we specialise in. The military uses information in various formats from a great many sources: radars, satellites, drones, but also external sources (so-called OSINT) such as social media, forums or blogs. It is crucial to locate them correctly and present them on maps, which GIS technologies help to do.
We are responsible for the proper selection and presentation of data, in such a way that it is readable and useful for users at different levels of command – the highest, but also operational. This is of paramount importance in building so-called ‘situational awareness’, i.e. the process of creating as complete and up-to-date a picture of the situation as possible, which assists the military in decision-making.
“Good performance of AI-based systems can only be ensured by correct, complete and reliable data.”
K.C.: Asseco’s management recently announced a ‘soft centralisation’ model for AI work, pointing out the need to be doubly cautious in times of instability. Looking from the point of view of projects for the security sector, where do you see the limit of safe trust in AI algorithms on the battlefield today?
D.D.: Software production in Asseco using AI always follows the principle of “human in the loop”. This means that AI supports the decision-making process by analysing data and preparing recommendations, but does not act completely autonomously. It is always the human who has the final say and takes responsibility for the decision. I think this approach significantly increases the level of security.
Good performance of AI-based systems can only be ensured by correct, complete and reliable data. It is on this data that the algorithms learn. If we make a mistake at this stage and do not take care of the quality of the data, we will get the wrong results, which, in the case of the military, can have dire consequences.
