The world has shifted and cybersecurity is shifting with it. The desire to transform, faster and more frequently, is prompting some organisations to use cybersecurity as a differentiator to deliver better business outcomes.

On Thursday, 22nd February 2024, CIONET Italia gathered industry leaders and protagonists together with esteemed speakers at the Cybersecurity Experience in the mountains of Champoluc, at the eco-hotel Au Charmant Petit Lac.
During the panel discussion, moderated by Marco Goria, Chief Information Security Officer & Cybersecurity Evangelist, our experts delivered thought-provoking insights on leveraging AI and ML technologies to transform cybersecurity. We explored best practices for mitigating risks and ensuring the business continuity of your organizations.

Antifragility in Cybersecurity

Alessandro Manfredini, Director Group Security & Cyber Defence at A2A, kicked off the event with a keynote address on the importance of antifragility in cybersecurity. He argued that organizations need to move beyond traditional resilience strategies and embrace antifragility, which is the ability to adapt and thrive in the face of uncertainty and change.

Threats and cyber trends in 2023

Fabio Sammartino, Head of Pre-Sales at Kaspersky presented a sobering picture of the cybersecurity landscape, highlighting the increasing complexity and sophistication of malware in 2023. He stressed the importance of understanding your organization's vulnerabilities and evolving cybersecurity mechanisms based on maturity and budget. His insights emphasized the need for proactive detection and response solutions, coupled with advanced threat intelligence.

Cybersecurity Maturity in Healthcare

Nicoletta Pesce, Manager Sales Development EMEA at Claroty offered her valuable perspective on the security maturity of Italy, particularly in healthcare environments. While acknowledging challenges, she also highlighted opportunities for improvement, suggesting increased awareness and collaboration between organizations. Her input aimed to guide companies in assessing their current state and identifying avenues for enhanced security posture. 

Security Landscape in the Cloud

Luca Dozio, Head of ICT Security shared Illimity's journey navigating the security challenges of operating in a cloud-based environment. He discussed their strategies for managing public, private, and hybrid cloud models, including careful Cloud Service Provider selection, data flow monitoring, and continuous control. His insights provided valuable perspectives for organizations considering or already utilizing cloud services.

The Evolving Role of CISOs in the Cloud Era

Davide Annovazzi, Security Practice Lead at Google Cloud, explored the evolving role of CISOs in the cloud-centric era. He emphasized the need for CISOs to acquire deeper cloud knowledge and adopt shared responsibility models. He highlighted the shift towards code, DevOps, and data security, urging CISOs to leverage cloud-native security solutions while building effective incident response practices.

Addressing the Rise of Cyberattacks

Madalin Dumitru, CEO & Founder of Cyber Smart Defence part of Stefanini Group addressed the concerning rise of successful cyberattacks, questioning why organizations continue to struggle with protection. He pointed to inadequate risk management, particularly regarding third-party relationships, as a contributing factor. His call to action urged companies to explicitly address cyber risks in outsourcing engagements and actively support third parties in enhancing their security posture.

Third-Party Management

Luigi Iaccarino, Head of Global Cyber Defence and Cyber Security at Vodafone focused on the critical role of third-party management in overall cybersecurity. He highlighted the increasing frequency of incidents originating from external partners and emphasized the need for a shift from compliance-driven approaches to effective risk management. His suggestions included robust contractual frameworks, thorough assessments of third-party security controls, and active support in areas like threat intelligence.

Strengthening Resilience Against Cyberattacks

Andrea Mariotti, Partner Technology Cybersecurity & Data Protection at EY addressed the resilience of Italian companies against cyberattacks, acknowledging improvements but highlighting the need for further action. He advocated for a holistic approach encompassing people, technology, and organizational structures, aligning with the updated ISO27001 standard. He emphasized the importance of advanced detection technologies, incident response processes, and regular crisis simulations to ensure effective incident management.

• Cybersecurity is a constantly evolving field, and organizations need to be prepared to adapt to new threats and challenges.
• Antifragility is a key concept in cybersecurity, and organizations need to move beyond traditional resilience strategies to embrace this approach.
• Threat intelligence and detection and response solutions are essential for organizations of all sizes.
• The security challenges of cloud computing are complex, and organizations need to carefully consider their security posture before moving to the cloud.
• Third parties can pose a significant security risk, and organizations need to carefully manage their relationships with third parties.
• Resilience and incident response are critical for organizations of all sizes.

Our sincere gratitude extends to Marco Goria, Luca Dozio, Luigi Iaccarino, Alessandro Manfredini, Davide Annovazzi, Madalin Dumitru, Andrea Mariotti, Nicoletta Pesce, Fabio Sammartino and all participating Digital Leaders for their invaluable insights and contribution at this event! 

Follow us and stay tuned for this year's next events!