1.
IN AN INCREASINGLY DATA-DRIVEN ECONOMY, WHAT’S THE VALUE OF CYBERSECURITY?
We operate in an interconnected world that consequently leads to a widening of the perimeter for possible attacks. Companies are forced to deal with the multiplicity of access to data, systems and infrastructures.
This complex context requires a clear picture of the overall corporate security framework in order to intervene with the right priorities. Knowledge forms the basis for risk reduction, and at company level we need to take preventive action by raising the level of awareness to prevent people from becoming a weak link.
The first measure that can significantly decrease risk is the correct management of all company users, respecting simple security rules.
We operate in an interconnected world that consequently leads to a widening of the perimeter for possible attacks. Companies are forced to deal with the multiplicity of access to data, systems and infrastructures.
This complex context requires a clear picture of the overall corporate security framework in order to intervene with the right priorities. Knowledge forms the basis for risk reduction, and at company level we need to take preventive action by raising the level of awareness to prevent people from becoming a weak link.
The first measure that can significantly decrease risk is the correct management of all company users, respecting simple security rules.
2.
WHAT DOES IT MEAN TO APPLY A CORRECT CYBERSECURITY STRATEGY?
Experience shows us that managing the complex world of Cybersecurity requires a 360° strategy that is established through risk analysis and created around the needs of your business. A proper Cybersecurity strategy is based on the continuous monitoring of threats and the ability to respond quickly to possible attacks. Services that allow essential countermeasures to be taken, even for companies without advanced defence systems.
The approach to cybersecurity is still largely reactive. Companies and organisations tend to look for solutions to individual problems, ignoring the need for rational and systemic security management.
The strategies adopted vary depending on the market and the size of the company. The maturity of the banking sector's approach, which has been forced to deal with these complexities for at least 20 years, cannot be compared to the approach of SMEs, where the problem is rarely addressed, or to that of the manufacturing sector, which is still developing an awareness of its vulnerabilities and the potential consequences of these.
Experience shows us that managing the complex world of Cybersecurity requires a 360° strategy that is established through risk analysis and created around the needs of your business. A proper Cybersecurity strategy is based on the continuous monitoring of threats and the ability to respond quickly to possible attacks. Services that allow essential countermeasures to be taken, even for companies without advanced defence systems.
The approach to cybersecurity is still largely reactive. Companies and organisations tend to look for solutions to individual problems, ignoring the need for rational and systemic security management.
The strategies adopted vary depending on the market and the size of the company. The maturity of the banking sector's approach, which has been forced to deal with these complexities for at least 20 years, cannot be compared to the approach of SMEs, where the problem is rarely addressed, or to that of the manufacturing sector, which is still developing an awareness of its vulnerabilities and the potential consequences of these.
3.
WHAT SHOULD COMPANIES NOT UNDERESTIMATE WHEN PREPARING THEIR CYBERSECURITY STRATEGY?
Starting with the key concept that security must be managed as a whole, today this means having to protect at least these dimensions: IT, OT, the world of IoT, sensors and physical security.
We operate within a global system, and it is essential to consider the level of security of all links in the chain, without underestimating the vulnerability of the weakest links. Today in Italy, SMEs represent one of the critical points in the country's system. To manage the complete scenario, an ecosystem-based approach is required, starting with continuous monitoring and the gathering of information within the perimeter.
It is essential to ensure an adequate level of prevention, monitoring and speed of response to threats. In this regard, our SOC (Security Operation Center) service is an essential resource for raising the security level of SMEs, in good time and with sustainable investments.
Starting with the key concept that security must be managed as a whole, today this means having to protect at least these dimensions: IT, OT, the world of IoT, sensors and physical security.
We operate within a global system, and it is essential to consider the level of security of all links in the chain, without underestimating the vulnerability of the weakest links. Today in Italy, SMEs represent one of the critical points in the country's system. To manage the complete scenario, an ecosystem-based approach is required, starting with continuous monitoring and the gathering of information within the perimeter.
It is essential to ensure an adequate level of prevention, monitoring and speed of response to threats. In this regard, our SOC (Security Operation Center) service is an essential resource for raising the security level of SMEs, in good time and with sustainable investments.
4.
WHAT IS ENGINEERING AND CYBERTECH'S APPROACH TO CYBERSECURITY?
Cybersecurity requires major investments and structural responses. In order to embrace global security needs, it is necessary to continuously invest in qualified staff, technical upgrades, and SOC structuring. Together with Cybertech, Engineering continues to invest in cybersecurity, which has also been an essential and transversal aspect of its services, to ensure leadership at national level.
We work with companies to map their security status against the surfaces that are exposed to threats. We develop the framework (which can be adapted to change) within which priorities and countermeasures are defined, with a programme that aims to resolve or mitigate any vulnerabilities detected. Through careful risk analyses, we identify the areas at greatest risk in order to define a concrete plan for remediation and monitoring.
All of this represents progress in the direction of rational and systemic security management. This is a necessary starting point for envisaging and then implementing further actions in the medium and long term.
Cybersecurity requires major investments and structural responses. In order to embrace global security needs, it is necessary to continuously invest in qualified staff, technical upgrades, and SOC structuring. Together with Cybertech, Engineering continues to invest in cybersecurity, which has also been an essential and transversal aspect of its services, to ensure leadership at national level.
We work with companies to map their security status against the surfaces that are exposed to threats. We develop the framework (which can be adapted to change) within which priorities and countermeasures are defined, with a programme that aims to resolve or mitigate any vulnerabilities detected. Through careful risk analyses, we identify the areas at greatest risk in order to define a concrete plan for remediation and monitoring.
All of this represents progress in the direction of rational and systemic security management. This is a necessary starting point for envisaging and then implementing further actions in the medium and long term.
5.
IN 2020, DUE TO COVID-19, REMOTE WORKING AND COLLABORATION HAS BECOME STANDARD PRACTICE, AND MANY ANALYSTS ARGUE THAT DIGITISATION WILL PROFOUNDLY CHANGE THE WAY WE WORK IN THE FUTURE. WHAT ROLE SHOULD CYBERSECURITY PLAY IN THIS EVOLUTION?
Digital acceleration has created new digital habits, while simultaneously exacerbating an already high level of exposure to threats. Smart working does not yet have a solid basis. People working from home often use personal devices that are not protected.
The fact that this is an early form of digitalisation is demonstrated both by the multiplication of attacks and their effectiveness. The level of security in place has proven to be insufficient. The pandemic has redrawn the map of attacks and attackers. Companies and organisations will have to update their defence strategies, adapting them to the new extended network to ensure protection of the entire perimeter.
Digital acceleration has created new digital habits, while simultaneously exacerbating an already high level of exposure to threats. Smart working does not yet have a solid basis. People working from home often use personal devices that are not protected.
The fact that this is an early form of digitalisation is demonstrated both by the multiplication of attacks and their effectiveness. The level of security in place has proven to be insufficient. The pandemic has redrawn the map of attacks and attackers. Companies and organisations will have to update their defence strategies, adapting them to the new extended network to ensure protection of the entire perimeter.
Roberto Mignemi
With over 30 years of experience in the IT sector, Roberto covered strategic roles in Sistemi Informativi S.p.A. and the role of CEO in Alpha Sistemi and Omnitech.
In 2008 he was appointed as the CEO of OmnitechIT, and for more than 11 years he managed it up to 300 employees, 7 international offices and Cybersecurity projects in 21 countries, reaching a turnover of €28m. In 2019 OmnitechIT was acquired by the Engineering Group and became Cybertech, the Group's center of excellence for Cybersecurity.
Roberto, as the current CEO of Cybertech, is committed to developing the Cybersecurity market, which is recognized as one of the main growth opportunities for the Engineering Group.
In 2008 he was appointed as the CEO of OmnitechIT, and for more than 11 years he managed it up to 300 employees, 7 international offices and Cybersecurity projects in 21 countries, reaching a turnover of €28m. In 2019 OmnitechIT was acquired by the Engineering Group and became Cybertech, the Group's center of excellence for Cybersecurity.
Roberto, as the current CEO of Cybertech, is committed to developing the Cybersecurity market, which is recognized as one of the main growth opportunities for the Engineering Group.
Contact us
marketing@eng.it
Tel. (+39) 06-87591