Deda Cloudthe Managed Cloud & Security Services Provider born within Dedagroup with over 20 years of experience and vision on digital transformation, and Axsyma consulting company specializing in Compliance & Information Security owned by the Group, al Security Summit.
At the reference event on cybersecurity in Italy, with an organic and structured approach to security: derived fromexperience developed in an increasingly strategic sector and from the synergy of the respective skills and know-how.
According to the 2022 Report of Clusit, the Italian Association for Information Security, 2,049 “serious” cyber attacks were recorded in 2021, with an increase of about 10% compared to the data collected in 2020. The most affected target was the government and military one, with 15% of the total attacks (+ 3% year-on-year). IT follows (14%), multiple goals (13%), health (13%) and education (8%). An emergency that globally costs companies and individuals 6 trillion dollars, a value equal to 4 times the Italian GDP.
“The ongoing digitalization process, accelerated also by the pandemic, has forever changed the world in which we work and live. But this new world, as the alarming Clusit data also highlights, must be protected more than ever from the impacts that any cyber attacks can generate not only on companies but also on people’s lives. It is essential that companies and organizations adopt an adequate governance model because even today, despite the attention being high, most companies are unable to act in an emergency with an effective and structured response model “he underlines Bruno Giacometti, Virtual Chief Information Security Officer Of Deda Cloud which, together withWalter Oberacher, Blue Team Leader Of Deda Cloudwill be at the Security Summit on March 16.
Today, in fact, an effective cybersecurity strategy can no longer pass solely from the implementation of technological solutions that detect threats only when they materialize, but requires an organic and proactive approach that must necessarily leverage the services of the Security Operation Center (SOC ). This is one of the differentiating elements that Deda Cloud uses in security management: in-house services, able to intercept the ever new attack methodologies and fine-tune the evolution of defense strategies thanks to teams active 24 hours a day. , 7 days a week.
“In a scenario like the current one, in which the types of cyber attacks continue to evolve in order not to be intercepted by already existing technologies, SOC services play a decisive role. What differentiates us is the choice to be at the forefront on this front, combining the skills and resources of our SOC with the systems areas present in Deda Cloud, so as to be constantly close to companies as the only direct reference, able to respond with readiness to critical situations in which speed is a winning factor and can only be achieved thanks to effective communication, sharing of skills and perfect integration between those who are able to detect and block an attack and those who have to deal with them to quickly implement the necessary remediation measures ” Giacometti concluded.
In this context, it is therefore essential that cybersecurity effectively becomes a corporate function, integrated with the other functions and pervasive in all corporate processes. This is possible only through a correct implementation of Information Security Awareness and Governance activities.
“We must overcome the idea that the organization’s IT security depends exclusively on the use of cutting-edge technologies: it is not enough. To make it effective, it is necessary to manage cybersecurity as a company function, complete with processes and procedures as well as transversal to all departments. This change of approach allows not only to really make the company safer and more efficient, but also to be able to demonstrate it to the market, enhancing its reliability in the eyes of possible partners and customers ”underlines Licari.
An organic and structured approach to cybersecurity must therefore be developed in a real path through which companies need to be accompanied. With this objective, thanks to the integration of their skills and know-how, Deda Cloud and Axsym have developed an IT security management strategy structured in seven phases. Once all the business functions and assets (IT systems and services) have been mapped with an analysis of the risks and related vulnerabilities, and assessed the possible impacts on the business in the event of unavailability or blocking of one or more processes, the resilience of IT systems and services for the various business functions, thus being able to define a Disaster Recovery plan.
Subsequently, the governance procedures for the management of information security are defined and the suitable technological solutions are selected, designed and implemented, which must be constantly updated and monitored. To maximize the level of protection of IT infrastructures, it is possible to use SOCs that allow you to understand, report and prioritize critical events detected by the various systems, blocking or mitigating any malicious activities conducted by cyber criminals. The last, but fundamental step in this path dedicated to security, is the development of knowledge and skills on IT security both at the individual employee level and at the managerial and company level in order to obtain shared security awareness and increase awareness of the risks deriving from a improper use of the IT tools usually used, both in the private sector and in the workplace.