The article is devoted to the issue of the implementation of the Directive of the European Parliament and of the Council (EU) of 6 July 2016 on measures contributing to a high level of security of networks and information systems within the territory of the Union (the so-called NIS Directive) into the Polish legal system. In this context, the author analyses the Act on the National Cybersecurity System, presenting the system and its individual components. The subjects of consideration are the provisions of the Act on National Cybersecurity System of the Republic of Poland and other legal acts concerning the subject matter, which entered into force before the adoption of the analysed act. In conclusion, the author states that in some cases, it is necessary to amend individual legal acts in order to avoid ambiguities which lead to disruption of the system as a whole. The basic method used in this article is legal dogmatics and critical analysis of the scientific literature, documents and opinions of experts—practitioners.