(Finance) – “In Italy, in the sector of cybersecurity, a decisive acceleration is needed. If on the one hand, in fact, the current one strategy intervention in the matter of protection from any attacks cybernetic has developed, especially over the last year, through new regulations or technical documents with a strategic approach, the time is now ripe to start new and concrete projects on political and system aspects “. This is what he declares Gerardo CostabileCEO DeepCyber (Maggioli Group), which invites the Government “to give a new impulse to information security, which also due to the Russian-Ukrainian war has taken on a global importance and has become one of the main topics of discussion and work not only for companies but also for the States “.
According to Costabile “il renovation technological must be accompanied by the enhancement of the skills and by professionalism able to cope with the incursions of increasingly unscrupulous attackers, who operate with very sophisticated techniques to block the digitization path of the most industrialized countries or even simply to steal sensitive data on networks and information systems or confidential company documents, for then blackmail the victims to extort money. There is a need – he specifies – for greater protection of the country’s large critical infrastructures, adherence to directives and gods framework and the urgency of safety certifications are currently some of the priorities on the ACN agenda, theNational Cybersecurity Agency. I believe that this work must be accompanied by other actions, which the entire Government, from the Minister of Defense Guido Crosetto to the Minister of Enterprises and Made in Italy Adolfo Urso, I hope will be able to undertake effectively ”.
“There transition digitalstrongly supported by the National Recovery and Resilience Plan, must go hand in hand with sovereignty technologicalto the cloud national and cybersecurity “said the Prime Minister, Giorgia Meloni, at the end of October, during the programmatic declarations to the Chamber, adding that” we intend to protect the national strategic infrastructures by ensuring public ownership of the networks, on which companies will be able to offer services under the of free competition, starting from that of communications “. “The good intentions, therefore – comments Costabile – are there and the ideas seem to be clear and shareable”.
The CEO of DeepCyber explains: “First of all, a ‘cyber sovereignty’ is a priority, which guarantees the development and enhancement of Made in Italy also in the field of cyber security. In recent years, many experts have emigrated abroad, both to carry out the activity of managers in innovative companies and to create or develop companies of cybersecurity in other countries, such as the United States, the Netherlands, Great Britain or the United Arab Emirates. It is essential, in this perspective, to create the right conditions, both from the point of view of simplification bureaucratic and state-backed venture capital funds. This – he underlines – not only to support start-ups in their path of affirmation, solving the bureaucratic and financial difficulties they encounter, but also to encourage the growth of existing companies, which operate in the field of cybersecurity as well as attract foreign professionals in the programmatic development of cyber strategies in Italy. Cybersecurity, in fact, can represent a valid element of innovation for the Italian industrial sector “.
The best strategy, Costabile continues, “is to develop products with an international commercial approach. The reason is simple: in Italy we carry out a lot of research, even innovative, but many patents remain closed in the drawers of the universities. Therefore, Italian skills and at the same time incubators are needed, because even our companies are often owned by foreign funds, with certainly different interests with respect to the political and national security strategy ”.
“Another aspect that Italian politics, in my opinion, will have to take into due consideration – affirms Costabile – is that of warranty of a major safety informatics on the territory. Small and medium-sized enterprises are the majority of the economic and industrial fabric, both in quantity and in quality and carry out a very complex and precious job, supporting the approximately 200 companies classified as critical infrastructures in our country. For this reason, some actions could be created, such as greater delocalization and regionalization of cybersecurity on the territory (excluding critical infrastructures), with the coordination of the ACN, for example by inserting the figure of the security manager (as for privacy there is the data protection officer, the DPO). Furthermore, some minimum security measures, mandatory and sanctionable, would be very useful, while investments could be supported not only with the resources provided for by the NRP but also through a targeted multi-year tax exemption. Finally, compulsory and ongoing training for employees “.
About tax exemptionfor the CEO of DeepCyber, “new regulatory obligations on IT security are appropriate, which also affect private companies, listed and unlisted, and it is important to establish them as soon as possible, providing – as recalled by other insiders – both the prohibition of payments of ransomware so as not to incentivize crime than minimum security measures, forcing companies to draw up a three-year cybersecurity plan (as is the case, for other purposes, for the three-year plan for the prevention of corruption and transparency). To all this, a model of tax relief for costs must be associated, with or without Pnrr, to help companies in these actions for the benefit of the country system as well as of individual operators “.
Finally, the culture cyber, which is gradually becoming more and more important, given the exponential increase in cyber attacks and the emergence of aggressive and limitless collectives of attackers. “In addition to employee training, I believe it is essential for the future to envisage the teaching of cybersecurity in schools. Young people are good at using technologies, but less likely to adequately assess all the risks associated with the use of digital tools ”she concludes.