In a context where the cyber threat it becomes more and more pressing, Italy is moving to strengthen its defenses in the field of cybersicurezza. This is confirmed Bruno Frattasi, director ofNational Cybersecurity Agencyduring a’hearing at the House Defense Committee.
Frattasi in particular revealed that they are being implemented “new agreements with the administrations of the national cyber security perimeteras directed by a directive from the Presidency of the Council of Ministers, to strengthen the Agency’s response capacity when there is an impact, establishing an activity protocol that must be followed by our operators and the operators of the administration that suffers the cyber attack”.
Italy late in responding to threats
Frattasi highlighted Italy’s delay in responding to the cyber threats, attributable to insufficiently large investments in the cybersecurity sector in past years. “Response times – she explained – can also be long because investments in IT security are complex and expensive and require not only a technological but also an organizational and procedural response”.
April 4, 2024 – 12:00
Generative AI and Data Protection: find out how to implement effective business strategies
“The drawing of law 1717 regarding the strengthening of national cybersecurity, which has already come to the attention of the joint Constitutional Affairs and Justice commissions – he added – takes inspiration from the latest developments to expand the ability to understand and counter the threat. Knowledge of the threat is in fact the prerequisite for being able to prevent and counter it effectively. L’obligation to notify impacts to which the bill refers precisely aims to ensure that this threat is known by the Agency and allows us to communicate with the person responsible for the ICT services of the affected public administration and with the cybersecurity manager”.
An ever-evolving danger
The director also underlined that, although Italy has not recorded attacks capable of compromising national critical infrastructure to the point of endangering national security, we cannot lower our guard. The threat is constantly evolving and the introduction of technologies such asartificial intelligence could increase its offensiveness.
“In the Agency’s observation period we have not recorded attacks that could have put national critical infrastructures in conditions of discontinuity such as to endanger the primary asset that we are required to safeguard, i.e. national security – he clarified Frattasi -. It did not happen due to the robustness that the country’s digital surface has already achieved, but it is not a definitive and final goal but rather an intermediate one, because it is necessary to continue this process of growth and robustness relating to Public administration, businesses and professionals, civil community. However, we cannot rest on this result because the threat is evolving and refining and could lead to an increase in both the number of attacks against our country and the offensiveness of the threat. The intervention of artificial intelligence could in fact make the attacker’s danger even more offensive“.
Digital risk is increasing
The director then highlighted how recent historical events, including the pandemic and geopolitical crises, have contributed to a significant increase in digital risk. The increasing digitalization of work and interpersonal relationships has further exposed society to hostile activities in cyberspace, particularly those directed against Western democracies. Among the examples of attacks cited by FrattasiDDoS ones stand out, which have affected public administrations, financial institutions and healthcare companies, overloading systems to the point of interrupting service delivery. These campaigns, often claimed by hostile state actors, in addition to causing direct and reputational damage, also convey disinforming messages, amplifying the effect of the attack.
@ALL RIGHTS RESERVED