Help public and private organizations to govern the challenges of digitalization and be resilient to the impact of cyber risk, planning and optimizing the necessary investments over time.


We support our customers in the digital transformation process and in implementing resilient it technologies on premise, in the cloud and in smart-working.

We support our clients in the development of tailor-made paths of corporate resilience to cyber risk, paths that include inter alia: risk analysis and assessment, regulatory compliance, security assessment, security governance, security by design, incident management process, testing and verification of digital operational resilience, third party risk management, audit of outsourced services and support to certification.


The partner team is made up of professionals who have made the Internet great in Italy and in the world, participating in the development of infrastructures, services and network security.

Operation Partners

35Y+ in IT/Cybersecurity
Master’s degree ICT & Internet Engineering

  • MCmicrocomputer, BYTE Italia
  • MC-link
  • Capgemini
  • BIP
  • Professor @ LUISS, Unilink, Unicampus, SIOI
  • Teacher @ Formez, SNA
  • CISM, CRISC, C|CISO, Lead Auditor ISO 27001
  • CLUSIT Board Member

35Y+ in IT/Cybersecurity
Political Science Degree

  • Fuigi Italiana, AST, Oracle, eSpin (JV Fiat, Oracle, Cap Gemini ErnstYoung)
  • Partners4Innovation
  • Europrivacy.info / GDPR
  • Lecturer in computer security @UNIMI
  • Founder and Chairman Clusit Community for Security
  • CLUSIT Board Member

30Y+ in IT/Cybersecurity
Electronic Engineering PoliMi
MIT Master Management

  • System Robot Automation
  • Bull Honeywell
  • Siosistemi
  • I.NET /BT Global Services
  • Varonis
  • Skybox Security
  • CLUSIT Board Member
  • Lecturer at CEFRIEL

35Y+ in IT/Cybersecurity
Degree in Economics

  • Arthur Andersen
  • McKinsey (founded BTO Italy)
  • Capitalia (COO)
  • Enel (CITO)
  • Oliver Wyman

35Y+ in IT/Cybersecurity
Bachelor in Computer Science

Founded/participated in:

  • ARS Informatics
  • GLAMM / Dataservice
  • Eximia
  • Virthualis
  • GTI Gaming
  • Human Mobility

Consulting, Audit, Assessment and Training: IT Service Management, Information Security, Risk Management, Incident Management, Business Continuity, Disaster Recovery.

  • Security: Supply Chain, IT / OT, Awareness
  • Lead auditor certified in international registers
  • Certified ICT Security Manager
  • Qualified auditor ISO 9001, ISO/IEC 27001, 20000-1,  22301
  • Designer and lead tutor of registered courses
  • Member of UNINFO UNI/CT 510 “Sicurezza Informatica” and ISO/IEC JTC1 SC27/WG1


The whirlwind digitalization of the way of producing and communicating in recent years has privileged some aspects of quality and business (speed, ease of use, integration) and widely underestimated the security requirements of architectures, applications and systems.

This underestimation, linked to the lack of awareness of what could happen, has created large security gaps that criminals on the one hand, and forces linked to opposing states, on the other, have used to take advantage of all kinds…

We refer here to the theft of information for industrial and commercial espionage, fraud and extortion (ransomware) and sabotage for terrorist or demonstration purposes.

This peak of the accident, measured in every international report that deals with the subject (for Italy the Clusit Report), first got the attention of the press and the media: there are countless articles also in the generalistic newspapers that deal with the accidents of cybersecurity and, then, of the national legislator and and everyone who has introduced rules, laws and internationals that oblige companies and companies of this type to take appropriate security measures, organizational guarantees and security guarantees of third parties (citizens, the market, customers, patients etc.).

It is now common opinion that these measures will be proportional and commensurate with the risk. Modern laws do not take a specific list of things to do, but writes that appropriate measures are taken according to these analyzes, refer to international best practices and require the company or organization to be accountable and can understand their degree of empowerment.

At the same time it is now obvious to all professionals that absolute safety does not exist and that a greater investment in safety only increases the degree of safety up to a certain point. It is therefore all the more necessary to start an investment in safety starting from an initial assessment and risk analysis and then determine which is the most useful level of investment in the specific business context and decline it over time.

The resulting crisis combines cybersecurity, risk and compliance. A mature approach to the problem considering these aspects together. The purpose of initiatives in this area must be to create an organization capable of guaranteeing the right level of confidentiality, integrity and availability of information, and, more importantly, being able to survive the inevitable cyber security incidents that will occur.
So be resilient!


Rexilience Srl

< Milan | Corso Venezia, 54
< Rome | Piazza Finocchiaro Aprile, 3