One of the components of the widely understood security is the information security that due to the increasing utilization of technical means in the transmission, storage and processing of information, is vulnerable to various forms of so-called cyber threats. Such real cyber threats are now terrorist attacks conducted on networks and information systems. The article presents a brief review of basic national (“National Security Strategy of the Republic of Poland” and “Cyber Security Governmental Program) and foreign (“US Department of Defense Strategy for Operating in Cyberspace”, “Consensus Audit Guidelines” and ISO/IEC 27000 series) documents related to threats in cyberspace in order to intentionally underline deficiencies in the current Polish solutions. Additionally, as a pessimistic forecast, there is high probability that the terrorist attacks on networks and information systems will succeed due to broad, not effectively controlled “destruction box” of potential attacks, incoherent scope of responsibilities of different security institutions, too complex security organizational structure, luck of standardization of terminology, and finally, lack of a proper technical knowledge among the national lawmakers.