NIS 2: General Considerations
NIS 2 is prompting a number of compliance activities by private companies and public administrations, some of them not very consistent with the regulations. Let us try to make some reflections on
The Equalize case is filling the front pages of the national press and is spreading like wildfire. On social media, it is being talked about in a very technical way,
The idea that hackers only target the most industrially powerful countries is wrong; certainly the United States, China and Europe are constantly at the centre of cyber attacks, but there are
A lot of information has been circulating in recent hours about the arrest of the founder of the messaging service Telegram, Pavel Durov. Not all this information is correct, let’s try to
In Italy, there is a major problem in restoring health services following a computer incident, and it matters little whether the incident is caused by negligence or malicious intent. In
After the analysis carried out in 2021 and reported in the article ‘Videos of animal violence are increasing on the net’, it was decided to return to the subject a few
It is a term little known to the uninitiated, but dwell time is perhaps one of the most important elements to know for those working in cybersecurity.
Apart from the legal obligations in the event of a data breach and thus the notification to be made to the Data Protection Authority, it is necessary to understand how
On the portal of the Garante per la Protezione dei Dati Personali (Italian Data Protection Authority), the measures against the Lazio Region, the company LazioCrea S.p.A. and ASL Roma 3
The GDPR has given clear rules for the correct handling of information, including through the adoption of specific organisational measures. There are some that are closely related to the technical
In the landscape of cyber risks, it is correct to make appropriate distinctions because risk classification and risk management is one of the most interesting topics to investigate. Among the
CSC control number 17 deals with ‘Incident Management and Response’ and is a very topical subject because, starting from the assumption that nobody is invulnerable to an IT incident, one of
Control 14 of the CSCs is based on ‘Security Awareness and Competence Training’, an undoubtedly important but also surprising topic to find within documents of this type. Let us delve into
CSCs pay special attention to data recovery. Let us address this topic and analyse it in the light of current risks.
The journey through the Critical Security Controls, which began with the presentation, continues with one of the most interesting topics: defence against network threats.
Critical Security Controls are an essential resource for anyone wishing to approach cybersecurity at the enterprise level and are the basis of AgID Circular 2/2017. Few people are familiar with