BLUE energy Sp. z o.o.
Speciality: Penetration Testing, Security Operations Center (SOC), SCADA/OT/IoT Security
Business consulting and services company based in Poznań, Poland; 43 employees; founded 2010; specializes in cybersecurity, automation, process optimization, audits, testing, and automation platforms; explicitly offers penetration testing services ('testy penetracyjne') to clients.
ISO 27001:2022: Origin and Industry Value
Origin
ISO 27001 was developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), first published in 2005 as ISO/IEC 27001. The standard evolved from the British Standard BS 7799-2, which was created in the late 1990s. The 2022 version represents the latest revision, updated to address modern cybersecurity challenges including cloud computing, remote work, and emerging technologies. It was created to provide organizations with a systematic framework for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS).
Industry Importance
ISO 27001:2022 is highly valued because it provides internationally recognized proof that an organization takes information security seriously and has implemented comprehensive controls to protect sensitive data. The certification demonstrates to clients, partners, and stakeholders that a company follows best practices for managing cybersecurity risks, often becoming a prerequisite for doing business with government agencies and large corporations. Organizations benefit from reduced security incidents, improved customer trust, competitive advantage in procurement processes, and potential compliance with various legal and regulatory requirements. The standard's risk-based approach ensures that security measures are proportionate and aligned with actual business threats.
TISAX: Trusted Information Security Assessment Exchange
Origin
TISAX (Trusted Information Security Assessment Exchange) was created by the ENX Association (European Network Exchange) in 2017 at the request of the German automotive industry, specifically the VDA (Verband der Automobilindustrie - German Association of the Automotive Industry). The certification was developed to address the automotive sector's need for a standardized, mutual recognition framework for information security assessments. It was created to reduce the burden of multiple audits on suppliers, as automotive manufacturers were each conducting their own security assessments of shared suppliers, leading to duplication and inefficiency.
Industry Importance
TISAX has become essential for companies working with the automotive industry, particularly in Europe, as many major manufacturers now require it from their suppliers and partners. The certification provides a trusted, industry-recognized validation of a company's information security practices, protecting sensitive data such as intellectual property, product designs, and business information. Its importance stems from the mutual recognition principle—once a company achieves TISAX certification, the results are shared across participating organizations, eliminating redundant audits and creating efficiency while maintaining high security standards. For suppliers, TISAX certification has become virtually mandatory to maintain or establish business relationships with automotive OEMs and tier-1 suppliers.
- Aquanet
- PGE
- Arctic Paper
- CEZ
- PGNIG
- Atman
- UKE
- CEZ Polska
- Classen
- UKNF
- ENEA
- Engie Polska
- WSB Gdańsk
- PGNIG Termika
- PKO BP
- Fuchs
- ZUS
- Gdynia Container Terminal
- GPD
- Grupa Azoty
- Helimed
- Honda
- Poznań Lawica
- PSG
- JSW
- Koleje Mazowieckie
- LW Bogdanka
- Kreisel
- MCZ
- MPWiK
- PPL
- Ministerstwo Zdrowia
- MPWiK Wrocław
- NFZ
- PERN
- Rohling
- Tauron
- PGG
- STS
- Plus
- PKP Intercity
- PUM
- Szpital Uniwersytecki
- Szpital
- POdimed
- Tameh
- TT
- TVP
- UJ