Allies against a common enemy, cybercrime, and together for 15 years to protect against cyber attacks: the collaboration between CVA and Sophos continues.
The CVA Group, with headquarters in Valle d’Aosta and plants throughout Italy, was founded in 2001. Its current plant park It consists of 934 MW of power deriving from hydroelectric plants, 54 MW from photovoltaic plants and 157 MW from wind plants. It has around 650 employees and boasts a turnover of almost two billion euros in 2022.
A future of investments
The Group envisages a strategic investment plan for 2027 which will lead to an increase in new photovoltaic and wind plants, for additional production of renewable energy. In the face of this continuous growth and evolution, the IT infrastructure has also experienced a significant expansion of services and an increasing level of complexity over time.
Protection from cybercrime – Sophos and CVA
In recent years CVA has significantly expanded the staff, skills and assets responsible for the proactive management of Cyber Security. Constantly promoting the culture and awareness of cyber risks throughout the company. It was therefore necessary to change the approach to cybersecurity management. So as to be able to effectively deal with both cyberattacks coming from outside and IT security risks generated within the company. The Group’s need was to protect the perimeter and all the assets of its infrastructure. In addition to the related logical accesses both by internal users and by third parties.
Analysis and solutions
Danny Trèves, Privacy Contact and Head of Vulnerability Management within the IT Services Function
The CVA group periodically conducts an in-depth analysis of the different solutions Endpoint Protection (EPP) cutting-edge and available on the market. It does this by organizing meetings and POC (Proof of Concept) with the relevant vendors to understand the best solution to adopt in the CVA group.The choice to entrust the protection of CVA’s corporate assets to Sophos starting from 2007, was based on the excellent and continuous feedback provided by the solution compared to competitors. This is both in a purely technical context and in terms of functionality, usability and simplicity of the platform.
Sophos and CVA still allies
CVA purchased the first antivirus solution Sophos in 2007. The collaboration continued successfully for years until 2019, the year in which CVA moved towards the adoption of Sophos Intercept cloud and O365. Thus protecting the entire network which includes approximately 600 clients, 200 servers and 800 email addresses. Finally, in 2022 the company activated the Sophos Phish Threat service. It offers training for end users and challenges them with automatic simulations of phishing attacks and much more.
How to protect yourself from cybercrime
Danny Trèves, Privacy Contact and Head of Vulnerability Management within the IT Services Function
In addition to providing us with peace of mind in our daily lives for years, we observe how Sophos has actively protected us from a cyber attack. At the end of 2022, Sophos Intercept Which allowed us to intervene effectively without any impact on company operations.This further strengthened our trust in Sophos and led us to activate the Sophos Managed Detection and Response (MDR) service, which includes a team of experts who monitor our systems 24/7. Sophos MDR is a high-performance solution that provides us with the support of an extremely technical and competent security team.
The characteristics of the system
Thanks to the Extended Detection and Response (XDR) features associated with the Sophos MDR service, the CVA Cyber Security Team is able to:
Detect more effectively new cyber threats and cybercrime.
Undertake actions, in collaboration with the Sophos MDR team, to prevent threats from interfering and/or blocking business activities.
Identify detail the original cause of the threats in order to prevent future incidents.
To use of the Sophos MDR Incident Response (IR) service to support the team
To use della Breach Protection Warranty.
Make use of it of greater compliance compared to Cyber insurance coverage.