Monday, April 29, 2024

Vogon Today

Selected News from the Galaxy

StartMag

Iic, here’s how and why the Foundation of Italian 007s was broken down a bit

3 years ago babelfish

Iic, here's how and why the Foundation of Italian 007s was broken down a bit

Italian Institute for Cybersecurity (Iic), all the latest news on the Italian 007 Foundation: the American model of the Miter, the funds cut (from 210 million to 10 million), the unclear relationships between public entities and private companies, the unknowns on the scope of action and coordination with other institutions. The deepening of the analyst Arcangelo Milito

In the last three to four days, the Start columns have hosted various interventions to illustrate the Article of the 2021 Budget Bill – as of November 16, 2020 (11.40 am, as per the draft entered into the Council of Ministers on the same date). In the course of this short period, many things have changed for the acclaimed and established "Foundation for cybersecurity", the Italian Institute for Cybersecurity (Iic), which some have renamed the "Foundation of the Italians 007". In a nutshell, everything appears downsized and certainly someone "on the upper floors" must have read the articles on Start .

The IIC was born from the typically Anglo-American basic idea of ​​making public and private entities strategically interact with the same R&D objectives (in English: Research and Development , Research and Development), providing them with an agile operational and decision-making structure, adequate funds for full operation. Basically, something that in Italy makes its way with great difficulty: flexibility, speed and decision-making ability. This interaction is also the conceptual prerequisite of dual use , that is an approach based on the dual use of research and development in the field of data protection and security, also with fruitful economic and industrial implications.

The IIC does not come out of nothing, but finds its foundation in practices already tested abroad, especially the United States, Great Britain or Israel. More specifically, it is a model developed in its general lines following meetings between Italy and the United States which took place in Washington about 2 years ago, in which the basic objective was “to maximize the action of the country system in the United States. This is also thanks to the crucial relationship with the private sector ”, with commercial relations in the first instance.

The reference model chosen is the American Miter Corporation . Just like Iic, the US Miter is a non-profit organization that coordinates and finances federal research and development projects since its foundation in 1958. Since its origins, Miter has pursued the objectives of optimizing and updating the operational role of Defense , American Aviation and Intelligence. To give just one example, it was Miter who coordinated and carried out the design of Sage systems (Semi Automatic Ground Environment, semi-automatic operating environment) through the Satin project (SAGE Air Traffic Integration), i.e. the 1st digital computer for US Air Force that connected radar stations, weapon systems and military decision makers in real time to make decisions in a very short time, in fact. If you think about it, it is that system that would have allowed the military in the movie Doctor Strangelove to make the decision to launch missiles. If we look at the management structure of Miter , from executives to trustees or (Visiting) fellows, they all have a rich CV connected with defense, intelligence (especially US Naval Intelligence Office) and cyber-security (eg Cisco). And certain assignments, names and experiences matter.

To return to us and to the miserable Italian things, the Council of Ministers seems to have greatly reduced the financial endowment of the IIC and has maintained the pre-eminence of the CISR (Interministerial Committee for the Security of the Republic) in the appointment of the executive members, in agreement with the Ministry for University and Research as well as (where existing), the delegated political authority for functions in the field of information technologies and digital innovation. The Explanatory Report (Article of 11/16/2020 p.93) also specifies that the Bodies of the Institute and their members "must in any case obtain the prior approval of the same integrated CISR pursuant to paragraph 4".

In particular, the Article (Article 104 c.13) now bears the authorization of expenditure for only 10 million euros for 2021: a good 200 million less than what is expected from 2021 to 2024. In practice, a " Broken foundation ”, that is, without real autonomy. To get an idea, in the original Saturday-Sunday version the fu art. 96 c.13 allocated these hypothetical sums to Iic :

  • € 30 million for 2021
  • 70 million euros for 2022
  • 60 million euros for 2023
  • 50 million euros for 2024
  • XXX million euros from 2025


Start Magazine immediately launched a careful analysis and reflection on the provisions, for the obvious implications regarding the security of the State, of its strategic and productive interests. The decision to set up an Italian Cybersecurity Foundation has generated numerous questions and perplexities that Start has collected and published several times. The fear is that the proliferation of bodies and subjects like this Foundation / Institute are a duplicate of the already existing CISR, with little or little coordination. In short, a bureaucratic duplicate where for some excellent politicians and / or parliamentarians could end up at the end of their government career or by mandate limit, as already highlighted on Start by Umberto Rapetto or Federico Mollicone . It is precisely the missing combination of operational coordination and political direction that seems (still) to be lacking: it is not clear, in fact, why what has been expressed at a political level by the Mise ( Ministry of Economic Development, Policy guidelines of the dicastery , point C) .

Finally, it would still be appropriate to clarify the terms and limits of the collaborations put in place, as well as the objectives to be pursued, of course. In other words:

  • the objectives concern the fight against cyber-terrorism and data protection in a broad sense, against terrorism and the control of public order, the fight against extremist propaganda?
  • What relationship would the Foundation (in which there are private subjects) have with the public interest, would it have an advisory or even a regulatory role?
  • What precise contours would the action of the Established Foundation have in relation to the Armed Forces, to their existing structures and with the same purposes?
  • What type of "collaboration between the State and experts and / or private companies, both nationally and internationally" (introduced by paragraph 10 of article 104 Articulated Budget Law 2021), would we have? That is, what would be the scope and objectives of the “collaboration of national and foreign experts and consultancy firms, or universities and university and research institutes?

These are all questions that still await clear and – possibly – operational answers. The confusion under the Italian political sky remains unchanged (and immutable?).

This is a machine translation from Italian language of a post published on Start Magazine at the URL https://www.startmag.it/innovazione/iic-ecco-come-e-perche-e-stata-un-po-sfondata-la-fondazione-degli-007-italiani/ on Tue, 17 Nov 2020 16:29:27 +0000.