Cyber Security

Defending ICT from malicious attacks

The term cyber security refers to the branch of information technology that deals with analysing vulnerabilities and dealing with risks and threats to which an Information and Communications Technology (ICT) system may be exposed. To be more precise, this science deals with examining the actual status of the ICT infrastructure and taking suitable measures to ensure adequate security.

ICT security has taken a central place in the plans of companies (at least in the largest and most structured ones), which are called upon to invest more and more resources in it. Thanks to technological evolution, in fact, all people can access an infinity of information and knowledge (even free of charge) via an Internet connection, but this fact, while on the one hand bringing numerous advantages, on the other hand presents significant threats, exposing all devices connected to the network to enormous risks and threats. This observation should therefore not and must not be underestimated.

Indeed, it should be emphasised that any device connected to the network could be a potential target. Suffice it to think, not only of companies, but of all the everyday behaviour of citizens in accessing apps and websites to consult their confidential and strictly personal data (health data and medical records, current account reports via online banking platforms made available to users by banks, etc.).

Below is a list of the main cases on which the investigation agency may be called upon to intervene:

• Vulnerability assessment: this is one of the main activities, which consists of analysing an IT system in order to reveal its security level, paying particular attention to its vulnerabilities and weak points (e.g. passwords with easily-violated characters), in order to adopt appropriate countermeasures to correct them;


• Penetration testing: together with the above-mentioned, this is one of the most popular and requested activities that consists of simulating attacks to detect the degree of resistance of the ICT system in order to strengthen it. Specifically, through these intrusion attempts on the client's systems, the system will be tested in order to strengthen it, thus preventing it from suffering attacks of the same magnitude in the future.

These two activities contribute, each to their own extent, to paint a picture of the actual state of security of the system under investigation. In addition to the two main activities mentioned above, there follows a list of other common cases on which the investigating agency may be called upon to intervene:

• Implementation of access tracking systems;


• Implementation of system backup and recovery to safeguard data;


• Analysis of the wireless network, servers and endpoints


• Realisation, through cryptography, of a system to make your personal or corporate data secret;


• Secure deletion of information so that it can no longer be recovered;


• Installation of VPN and other systems to safeguard your privacy while surfing the Internet;


• Training and advice on the correct use of e-mail;


• Check whether a company computer has been misused (for non-company purposes or against its policies).