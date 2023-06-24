On the occasion of the event Ignite on Tour organized in Milan on June 20, Palo Alto Networks also sent the press for a meeting dedicated to an overview of the state of cybersecurity in the world and in particular in Italy. Participated Helmut ReisingerCEO Emea and Latin America, Michele Lamartine, Country Manager Italy and Malta of Palo Alto Networks, Umberto PirovanoSenior Manager Systems Engineering.

Palo Alto Networks around the world

Helmut Reisinger quickly introduced the company, the world‘s leading provider of integrated information security solutions, with a market cap of $75 billion, 13,500 employees and two main centers, one in Tel Aviv in Israel, the other in California. Palo Alto Networks has a market share del 4%, not much in absolute terms, but still enough to take the company to the top of the table. In fact, the cybersecurity sector is highly fragmented and is made up of around 3,500 companies.

Reisinger pointed out that virtually all of the world‘s software is composed of 80% open source code, potentially exposed to malicious attacks. If even one library of this code contains malware, it will be multiplied thousands of times, worldwide. To address this and other vulnerabilities, Palo Alto Networks started using machine learning and artificial intelligence about nine years ago, to analyze data streams for anomalies and suspicious behavior. Every day Palo Alto Networks detects approx 1.5 million attacks with new methods worldwide.

The situation in Italy

Michele Lamartine drew attention to the Italian situation, highlighting that the data relating to our country are not very encouraging. Italy is at 20th place in terms of digitization progress in Europa, al 24th for the number of cybersecurity experts. ICT graduates are about a third of the European average, they are only 1.3% of the total number of graduates. The budget spent on security is around 1.8 billion euros, just 0.1% of the national GDP. This percentage is growing, but it is still half, even a third of that spent by other European countries.

But there is also good news. First the creation of ACN, theNational Cybersecurity Agency, established on August 4, 2021. ACN is a government agency that can dictate guidelines for an organic adoption of security methodologies and strategies. Palo Alto Networks expects ACN and PNRR together to accelerate the digitization of businesses and the nation, so as to bridge the gap that separates Italy from other European countries.

What is still missing is an important push from the political world, even if now we are beginning to glimpse something. Until now, cybersecurity has always been perceived as a technical problem, as something to hide: in the past, an affected company tended not to make the attack immediately public, to hide it, to manage it exclusively internally.

Michele Lamartina, Country Manager Italy and Malta of Palo Alto Networks

Now there is more attention to computer security, there is more talk about it, there is greater awareness of the risks. More and more companies have entered the issue of security within their board: Cybersecurity is no longer relegated to the IT department, but rises to the attention of the CEO.

Today, for companies, the perimeter to defend is increasingly broader and more complex, too due to smart working and the exponential increase of connected devices. As a result, cyber attacks increase. These are no longer a technical problem but affect the company’s reputation, they can affect economic performance.

Another important trend, especially in Italy, is theincrease in attacks in the OT environment. Italy is characterized by a strong presence of manufacturing SMEs, which use a lot of OT, potentially vulnerable to cyber attacks. From 2021 to 2022, Palo Alto Networks saw more than 290% growth in OT attackswhich in fact today is a critical point for companies, in any sector.

The environments most affected by cyber attacks are the PA and manufacturing industries, especially SMEs. These realities are still a little late in the path towards digitization. Financial services and large corporations are more risk aware and better equipped against cyber dangers. Cyberattacks on PAs, SMEs and financial services represent more than 50% of the total.

Palo Alto Networks, to overcome the shortage of cybersecurity experts (the company estimates a shortage of around 150,000 specialized resources), has established aAcademy in collaboration with 15 Italian universities and with many higher institutes. The Academy is present in over 80 countries and has allowed the formation of over 400,000 people.

The OT sector is the most prone to cyberattacks

Per Umberto Pirovano a digital transformation is taking place which is not tactical but strategic, is a necessity for companies that want to remain competitive. Today there is greater awareness of cyber risk, even in SMEs. Large companies are more advanced in the process of becoming aware of the danger of attacks, which are no longer seen only as a technological risk but capable of compromising business and production. In SMEs, risk is often perceived as exclusively technical, we still think in watertight compartments.

It is necessary to manage the complexity of modern corporate IT systems, in order to guarantee security and to allow the optimal functioning of industrial processes. In fact, companies must remain competitive, they must not be slowed down or hampered by IT security solutions.

Modern systems produce massive amounts of data, data that are essential for analyzing processes and optimizing them, for performing analyses, perhaps with machine learning. IT complexity has moved security analysis from simple sets of devices (sensors, actuators, computing devices) to much more complex IT structures, characterized by data streams enriched and processed several times, even by third parties. The role of Palo Alto Networks is to support the client company’s IT system with a platform focused on cybersecurity, capable of covering all IT areas, end-to-endwhich integrates natively with the IT system.

Security in the OT environment today means security in the cloud, from code to execution. The old method of managing attacks must be avoided: when a problem arose, IT got to work to solve it, with an ad hoc intervention and with a vertical solution, limited to the node with the problem, without affecting the rest of the structure .

Umberto Pirovano, Senior Manager, Systems Engineering

In hyperconnected and multi-technological architectures, such as modern ones, it is necessary to have the ability to natively and preventively block attacks, whatever the entry point that the cybercriminal can find: IT, OT, network, end-point, cloud.

Today the control against cyber attacks must be automated, because the flow of data to be analyzed is huge. The only way to do prevention is to employ predictive technologies, in all similar to those implemented in the world of machine management. In this sector, algorithms have been used for years that analyze the behavior of mechanical systems and on the basis of statistical calculations are able to predict a future malfunction. Thanks to machine learning, it is possible to know well in advance when problems occur. Palo Alto Networks does exactly the same thing with its security platform: it uses the machine learning in linea to identify anomalous behavior in data traffic on the network. Thus it is possible to do predictive maintenance (up to seven days in advance), to better manage future network problems.

With its solutions, Palo Alto Networks does analysis and profiling of network components, to predict behavior and spot upcoming problems. Immediately after installing a new device, for example, the Palo Alto Networks system identifies it, profiles it, creates a digital identity, suggests to the operator the best policy to maintain a correct posture for a high level of security.

Thanks to the use of AI, the success rate in detecting attacks goes from 20 – 25% to 68%. This is an important improvement (100% is obtained by adding other strategies), which shows how a static analysis can no longer work today: the amount of data is too high and the information flows are too variable. Also the attacks change all the time, because even cybercriminals use AI.

