Dr hab. Rafal Leszczyna is an associate professor at Gdansk University of Technology, Faculty of Management and Economics. He holds the M.Sc. degrees of Computer Science and Business Management. In December, 2006 he earned a Ph.D. in Computer Science, specialisation - Computer Security at the Faculty of Electronics, Telecommunications and Informatics of Gdansk University of Technology. Between 2004 and 2008 he worked in the European Commission Joint Research Centre, in the teams dealing with information security and the security of critical networked infrastructures. After his return to the university in 2008, from 2010 to 2012 he was seconded to the European Network and Information Security Agency (ENISA), where among the others he was responsible for coordinating the studies related to the security of industrial control systems and smart grids. His professional interests focus on security of information systems, critical infrastructure protection, information security management and the applicability of new scientific proposals.

Research interests

• Cybersecurity management
• Information management in critical infrastructures
• Cybersecurity of industrial control systems/SCADA
• Cybersecurity cost assessment

Teaching 

• Managing enterprise IT infrastructure and security
• Cybersecurity management
• IT team technology

Doctoral theses topics (PhD supervision)

• Cybersecurity management
• Usable cybersecurity
• Costs of cybersecurity management
• Cybersecurity assessments
• Threat intelligence
• Cybersecurity of industrial control systems
• Cybersecurity in power systems

Diploma theses topics

• Information security management (ISM)
• Costs of cybersecurity management in an enterprise
• Information security risk assessment in an enterprise
• User experience, usability, applicability in cybersecurity
• Security evaluation of an information system in an organisation
• Economic aspects of IT systems security in organisations
• Critical infrastructures cybersecurity
• Cybersecurity in the electricity sector

Sample theses subjects

• Analysis of cybersecurity aspects in Polish organizations (e.g. the level of formulation of security policies, conducting risk analyses or security assessments) based on a survey and interviews
• Developing a web service with a threat repository
• Supportive tools for a risk assessment method
• Cybersecurity site extension
• Enterprise IT security assessment using attack simulations and mobile agent technologies (good Java programming skills required)
• Practical evaluation of penetration testing methodologies in the organization's IT security assessment (practical experience in penetration testing required)
• Automatic assessment of enterprise IT security (good Java programming skills required)
• Practical evaluation of intrusion detection systems, SIEM and threat intelligence

Consultations

Online by appointment (rle@zie.pg.edu.pl)