Thursday, May 9, 2024

Vogon Today

Selected News from the Galaxy

StartMag

Cybersecurity, cloud Pa and more. What to do (and not to do) according to Brothers of Italy

3 years ago babelfish

Cybersecurity, cloud Pa and more. What to do (and not to do) according to Brothers of Italy

Startmag conversation with Federico Mollicone, Innovation Manager of Fratelli d'Italia, on the agency for Cybersecurity and more

The Chamber of the Chamber approved the Cybersecurity Decree with 388 yes and only one vote against (35 abstentions). The provision defines, in particular, the national cybersecurity architecture and establishes the National Cybersecurity Agency, modifying, among other things, the 2019 decree law with which the national cyber security perimeter was introduced. Among the votes in favor there are also those of the component of the mixed group Alternative there. Fdi announced the abstention. The text is now being examined by the Senate (it must be converted into law by 13 August).

Mr Mollicone, on the subject of cybersecurity, the general discussion ended a few weeks ago. You are responsible for the innovation of your party, Fratelli d'Italia, and together with your party you have repeatedly stressed how the issue of cybersecurity is more important than ever today. What do you think is most troubling about cyber security today?

In the year of the pandemic, according to the Clusit Report, there were 1,871 serious attacks in the public domain, an increase of 12% compared to 2019. In particular, there has been a worrying increase in cyber espionage events. These attacks have had a systemic impact on every aspect of society, politics, economics and geopolitics. This means that, on average, 156 serious attacks were recorded per month, the highest value ever recorded to date (there were 139 in 2019), 156 attacks per month are not few! None of us can be considered safe. Cyber ​​attacks are on the agenda unfortunately, we are increasingly vulnerable and threatened. The cyber threat is capable of affecting a plurality of interconnected sectors such as the theft of data for predatory purposes, the infringement of intellectual property, identity theft, the intention to damage the functionality of critical infrastructures or to manipulate information in order to delegitimize institutions, encourage proselytism on the net, real espionage by stealing privileged information or industrial secrets, to alter competition and favor the strategic superiority of a hostile country.

Microsoft has suffered from computer theft, our data has been stolen, perhaps sold to some hackers. You see, personal data is the new currency of exchange in my opinion, money matters a lot, I don't deny it, but do you know how much our personal data can be worth?

As Brothers of Italy we were the first party to bring to attention the issue of information security and cybersecurity in the broadest sense of the term. We believe it is a topic that should not disappear from the government's radar or which is dealt with intermittently.
The need for the reorganization of cyber security policies is a historical position of the Brothers of Italy: already with an agenda – 9/02648/020 – approved last September, the government committed itself to the establishment of an Agency on the model German.
With our colleagues Butti, Prisco, Silvestroni, Rotelli we presented a series of proposals to improve the text, aimed at ensuring a better effectiveness of the action of the new Agency. Thanks to our amendment, shared with the majority forces, a mechanism of dialogue with the stakeholders will be provided, to ensure on the one hand full transparency and on the other hand to allow the largest number of actors, public and private, to provide cognitive elements, useful for guiding national strategy and policies. In this sense, it will be essential to guarantee constant relations with Parliament, with the Parliamentary Committee on the security of the Republic, in particular. The role of the public sector is certainly that of an “orchestrator”, even if it does not always have the authority, resources and skills to carry it out effectively. In many cases, the management of essential components is carried out by private actors, and the skills necessary to assess vulnerability and risks are not adequately disseminated in all the public administrations involved. Managing and protecting critical infrastructure requires a strategy based on cooperation, not only valuable but inevitable, between the public and private sectors. Their collaborative efforts can reduce resource duplication, improve communication, increase efficiency, and ultimately achieve security goals better than government or the private sector if they act independently and uncoordinated.

What tasks will the Agency have?

The Agency should have tasks related to the security of the "Supply Chain" and of the contracts awarded by subjects not included in the cyber security perimeter. Too often there is pervasiveness of non-European operators. In fact, the European PNRR funds destined for the digital transition – 40 billion euros plus the appropriations for telemedicine – could increase Italy's already significant technological dependence on some Chinese companies, in particular for 5G networks, broadband, platforms and services. IT, smart cities, urban mobility, home automation and video surveillance. In this sense, we believe, as requested in an amendment, it is necessary to establish a special economic zone for cyber security companies: a set of fiscal mechanisms that can guarantee growth for innovative companies and SMEs in the security field. Public-private partnership, construction of a special economic zone for security companies, involvement in the dynamics of the Agency of small and medium-sized enterprises, establishment of a list of safe operators and establishment of a preventive verification mechanism (white list) on technology , support for cryptography as a cyber security tool: these are the issues that we have placed the Government on our agenda.

And on the subject of cryptography, what is your position?

The issue of cryptography is very important and Fratelli d'Italia immediately dealt with it, as specified in the functions of the Agency thanks to our amendment, with an addition in the necessary parliamentary conversion, aimed at ensuring security, from the crypto sector. up to the scenarios of the development of the quantum computer, as well as to protect the increasing use of the cloud. The Agency will also have the role of certifying body of the national cloud. I want to focus on how we have already proposed in the motion on the cloud – now gone from radar – a close connection with cyber security.
Furthermore, the Agency must have a key role in defining digital literacy strategies, in every school of order and grade, so as to define a digital "hygiene".

You are talking about personal data. Could you explain the connection between these and cybersecurity better?

It is often thought that only economic data are stolen, this is not the case. There are several cases that jumped to the "horror" of the news, on the theft of sensitive data even from hospitals, treatment centers, where our parents and grandparents can be hospitalized. Would you like it if the data of your non self-sufficient grandfather were stolen in a nursing home, because a cyber attack hit the IT infrastructures, not absolutely enhanced as they should be, of the hospitals where our loved ones are hospitalized?
Reality has more imagination than us. Unfortunately, the trend is growing, since 2017 there has been a significant increase in cases of cyber security breach. I would just like to remind you that numerous attempts at data theft also involved information in the health sector: the European Medicines Agency suffered a cyber attack through which documents on the Pfizer vaccine, health data, were violated. There is no limit to the worst.
As Brothers of Italy we underline that now everything revolves around the cyber matter. She is holding a tablet right now, and definitely a cellphone in her bag. Maybe his son uses his own mobile phone or tablet and in a moment, we really talk only for a moment, here is a cyber attack on the data contained in his device, even identity theft, accounts, photographs.

What are your thoughts on the establishment of the National Cybersecurity Agency? What do you think should be its prerogatives?

As Brothers of Italy we are in favor of the establishment of this Agency. We are opposition, yes, but proactive opposition and we work for the good of Italians and our nation.
We have repeatedly stressed that it was necessary to do so. Let me remind you that we were the first to focus on digital sovereignty. FDI has always been the party of digital sovereignty. We have also been so on this provision in a loyal collaboration with the majority forces and in a close confrontation with the Government. In this regard, we also presented an important agenda in March 2021 – 9/02757/052.

Today it is necessary to deal with the pervasiveness of data, with the fact that they are produced by every action, conscious or unconscious, of individuals and by the relative ease with which – these same data – can be collected and used. In a context of a globalized world in which we are increasingly vulnerable, I welcomed this decision. The definition of this Agency is certainly a first step towards the protection of data security. As I told you, those with sensitive and personal data can nowadays consider themselves a modern King Midas. For centuries relationships have been territorial, based on proximity, now everything happens in the presence of a connection. This is why we believe it is necessary that the Agency is not only in charge of defending against attacks, but that there is cooperation to alert you also to potential attacks. The cyber threat affects a number of different sectors, we certainly cannot stand by and watch. What we want is not to have a mere reaction to cyber attacks.

We risk being discovered and not having the time to take all necessary measures to protect ourselves and report the attack. I do not disclose the country from which most cyber attacks have started towards the Western world … ..

Are you referring to China by any chance?

I believe that the issue of cybersecurity cannot be separated from the nations from which attacks most often arrive. This is why we are against the inclusion of non-national entities in the cloud infrastructures. Digital sovereignty must be the challenge for the future, without ensuring it at 360 degrees we will one day find ourselves having to hand over part of our digital-democracy to other nations and we will fight against this possibility. At the moment we consider the text so important and necessary, but incomplete in some of its parts and therefore improvable.

This is a machine translation from Italian language of a post published on Start Magazine at the URL https://www.startmag.it/innovazione/cybersecurity-cloud-pa-e-non-solo-cosa-fare-e-cosa-non-fare-secondo-fratelli-ditalia/ on Wed, 28 Jul 2021 11:35:40 +0000.