Dr. Elżbieta Andrukiewicz CISSP, CRISC, LA27001
Distinguished expert on information security and cybersecurity.
Expert of the ISO/IEC JTC1 Subcommittee SC27 „Information security, Cybersecurity and Privacy Protection” since od 1997, and editor of International Standards: ISO/IEC 27005 Information Security Risk Management (latest edition published in 2022) and ISO/IEC 15408-1 Evaluation Criteria for IT security - Part 1: Introduction and general model (latest edition published in 2022).
Expert of CEN/CLC/JTC13 “Cybersecurity and Data Protection”, and co-Editor of European standard EN 17640:2022 Fixed-time Cybersecurity Evaluation Methodology for ICT products. Project Leader of the draft EN Guidelines on Sectoral Cybersecurity Assessment.
Leading auditor of information security management systems and ICT systems with wide experience acquired in more than 150 security audits conducted in governmental agencies, and various industries including telecommunications, banking, insurance, energy, gas, utilities and IT.
Project Manager of several R& D projects. Currently, “Experimental validation platform for cryptographic algorithms and cryptographic protocols” (2020-2023) “Security framework for 5G network based on multiple providers: specification, implementation and development of evaluation process”(2021-2024). She is working for the National Institute of Telecommunications – State Research Institute as the head of Cybersecurity Department and the IT Security Evaluation Facility (ITSEF) Manager. ITSEF provides accredited evaluation and testing services for conformity assessment with security requirements contained in reference standards i.e. Common Criteria (ISO/IEC 15408) and EN ISO/IEC 19790.
ENISA expert since 2017, co-author of several ENISA publications. Rapporteur at the Ad Hoc Working Group on CC certification scheme established by ENISA, and member of the ad Hoc working Group on the Cybersecurity Certification for 5G networks.
Znany ekspert w dziedzinie bezpieczeństwa i cyberbezpieczeństwa.
Ekspert podkomitetu ISO/IEC JTC1/SC27 „Bezpieczeństwo informacji, cyberbezpieczeństwo i ochrona prywatności” od 1997 roku oraz edytor norm międzynarodowych: ISO/IEC 27005 Zarządzanie ryzykiem w bezpieczeństwie informacji (najnowsze wydanie opublikowane w 2022 roku), ISO/IEC 15408-1 Kryteria oceny bezpieczeństwa IT - Część 1: Wprowadzenie i model ogólny (najnowsze wydanie opublikowane w 2022 roku).
Elżbieta Andrukiewicz, DEng
National Institute of Telecommunications
10 October 2023 / 13:00 - 14:00 / Scene - Kometa