National Cybersecurity Agency. Preziosa: "Additional aspects need to be implemented"

In an era where computer intrusions and data thefts are becoming more and more frequent and risk immobilizing the economic and social functions of a state, our country has the Agency for National Cybersecurity, with the aim of protecting national interests in the field of cybersecurity and the "resilience of services and essential functions of the state from cyber threats".

Main task: "Implement the necessary measures to protect against cyber attacks which, by exploiting any hardware and software vulnerabilities, could cause the malfunction or the interruption of essential functions of the State and public utility services with serious repercussions on citizens, companies and public administration".

The agency must therefore:

  • develop national capabilities for prevention, monitoring, detection and mitigation to deal with cyber security incidents and cyber attacks, also through the Italian Computer Security Incident Response Team (CSIRT);
  • contribute to the enhancement of the security of Information and communications technology (ICT) systems of subjects included in the national cyber security perimeter, public administrations, operators of essential services (OSE) and digital service providers (FSD);
  • support the development of industrial, technological and scientific skills, promoting projects for innovation and development and aiming at the same time to stimulate the growth of a solid national workforce in the field of cybersecurity with a view to national strategic autonomy in the sector;
  • assume the functions of single national interlocutor for public and private entities in the field of security measures and inspection activities in the areas of the national cyber security perimeter, network and information systems security (NIS directive), and electronic communication network security;
  • participate in national and international exercises concerning the simulation of cybernetic events in order to increase the resilience of the country.

In this regard, to better clarify ideas on the matter, there is a lucid and very proactive article on the subject, published on ants.net and written by General Pasquale Preziosa, former head of the Air Force and today President of the Eurispes Permanent Security Observatory. It offers many suggestions on issues to be developed in order to try to secure our country, even if we are very late.

This is how Preziosa summarized his contribution: After the launch of the National Cybersecurity Agency, there are at least three aspects to be implemented to ensure full resilience in the country: regulatory, structural and in terms of strengthening controls.

Air Force General Pasquale Preziosa, Chief of Staff of the Air Force until 2016.

The new National Cybersecurity Agency, writes Preziosa, has made its first institutional appearance. The Agency could not be part of the secret services, whose focus is mainly on regional crises, threats to the national economy, subversion and extremism, the hybrid threat, jihadist terrorism, illegal immigration, organized crime, the cyber threat and more.

Unfortunately, our country continues to be in fifth place in Europe for the number of cyber attacks. When fully operational, the Agency will complete the national resilience already defined with the establishment of the cyber perimeter of national security, with the declared aim of increasing the promotion of the culture of cyber security, through a wide regulatory, administrative, patrimonial, organizational, accounting and financial autonomy.

The establishment of the Agency will not be the last structural change for the cyber protection of our country, because it will be necessary to urgently strengthen the cyber prevention sector, which is not feasible, at the moment, with the regulatory framework in force.

The cyber domain, together with the other domains consolidated over time, underlies the strategic competition in progress and represents the indispensable tool to be relevant in the new world order. It is used by both state and non-state organizations, and is a pervasive, silent, almost unknown tool in the deep and dark part, capable of greatly increasing performance in the application sector as well as being able to destroy it. Like all domains, it needs the organizational pillars in order to operate, i.e. policy, strategy and tactics.

If the policy objective is represented by the mitigation of the cyber security risk of an institution, the strategy will have the task of aligning all the means available (regulatory, financial, instrumental and human capital) to lower the risk that cyber attacks may degrade the efficiency and effectiveness of the institution. The starting point in every domain is the knowledge of who is interested in us, with what purposes and by what possible means; it is this knowledge that allows the best preparation of the means of countering the cyber threat.

In other words, we must have the so-called "situational awareness (SA)" for our field of IT interest, updated moment by moment, or be able to produce "Cyber Intelligence" analysis; we must have the ability to prevent a cyber attack, or any sabotage launched against our production capacities.

The non-Italian state cyber world has already created offensive tools (cyber bombs and traps) to cause irreparable damage to opponents. The cyber war is already underway both between states and in the private sphere. We cannot control it only with the judicial apparatus, whose investigations are already very complex in the real field, but in the cybernetic field become impossible due to the difficulty of "attribution" of the attack suffered.

A targeted cyber attack can lead to business failure. Even if cryptocurrencies (a sector not yet regulated) have recently been targeted with a big hit worth 600 million dollars (Poly Network), no one can be considered immune from the possibility of suffering cyber attacks. Without a solid ability to prevent cybercrime and without a structure for verifying the vulnerabilities of computer networks, the levels of risk for the Nation will be very high, with important impacts on national security levels.

Cyber intelligence is not exclusive to the public domain: with the fall of the Berlin wall it has expanded to the private sector and is at the basis of the industrial competition in progress. The prevention of cyber attacks is based on cyber exploitation and possibly the cyber attack, even preventive, activities that must be provided for by the law of the State for the bodies authorized in the specific sector. Many states have already authorized the aforementioned functions for their own security agencies. Our country has an urgent need to fill this regulatory gap, which does not allow cyber intelligence to exercise the preventive function (of knowledge) through cyber exploitation; this partly explains why we are in fifth place in Europe for the number of cyber attacks against our country and why we must turn to allied countries to know the origin of the attacks.

In the cyber world we must bear in mind that there are no ethical barriers: everyone spies on everyone. In terms of controls, much has already been done by the Agency for Digital Italy, but it is still not enough. The minimum ICT security measures, although organized on three levels, are mainly based on the self-certification of the bodies (Implementation module), which is unfortunately not highly effective. The Agid also provides for ABSC 4, or the continuous assessment and correction of vulnerabilities, also through Stress Tests. The more frequent adoption of checks by qualified third parties (White Hat) for IT systems may give greater confidence in the resilience capabilities of the network.

After the launch of the Agency, in order to achieve the minimum sufficiency and align ourselves with the other European states, there are therefore at least three aspects to be implemented: regulatory, structural, in terms of cyber intelligence and strengthening the effectiveness of controls.
