The head of Poste Italiane’s CERT, Nicola Sotira, was a guest on Class CNBC’s “Detect” programme to talk about Poste Italiane’s data protection security system as part of the episode on “Cybersecurity, vulnerabilities and Public Administration”. Sotira explained how the system works: “The specialist unit handles incident management and IT emergencies. It monitors everything the company publishes on the network, is ready to intervene in the event of an incident and manages the entire business continuity governance.”
Dark web and open sources to prevent cybersecurity threats
“We have implemented a security process that enables safe development,” Sotira continues. “In addition, we have developed a prevention mechanism: you handle the incident as if it were happening right now and there is a whole intelligence element, which studies the dynamics of the attacking groups, maps them to understand the likely impact, and works to mitigate that impact if it happens. We work both in the dark web and in open sources to identify possible threats that may occur.”
Hunting hackers
Prevention is a pressing issue, especially given the ongoing war when western systems have been under attack by hackers. Sotira explains: “Monitoring has become a key aspect: realising that something is about to happen is crucial, both to protect networks and to protect customers. We work to identify abnormal behaviour, because hackers try to pass as legitimate customers. Data analysis is crucial. In this period, we look at all the criminal groups that have contributed to previous attacks, monitor their behaviour and stop them before the attack occurs. And of course, you try to be ready.”
Information Sharing
Sharing information with the various national security departments is crucial: “Together with the cybersecurity agency we are developing the national CERM, where we share information. And we also have a specific hub where we receive information and make it available to others,” he adds. Next, Sotira spoke about Minister Colao’s words regarding the challenges surrounding security personnel in Italy: “Training in this field is crucial,” he explains. “We know this because whenever we look for personnel in this field, it is not easy. We need technicians who can work on data, malware and more. We need to invest in training, and specific roles must be created. We have to bridge the cultural gap: we have the tools but we don’t know how to use them. At Poste Italiane we are working hard to resolve this. I expect the national cybersecurity cloud to improve the situation, with equal stakes for all.”