Celebrating 100 years of innovation at the University of Milan, Stefano Quintarelli and Marco Locatelli together with Alberto Fioravanti, moderated by Prof. Gian Paolo Rossi, spoke about their experience:
“Città Studi Valley: university-born digital entrepreneurship.”
Personal data protection is not an exclusively legal discipline. An open approach to the different facets of this complex world is necessary to understand and address the challenges posed by having to safeguard fundamental rights.
Corrado Giustozzi was heard by the Joint Committees I Constitutional Affairs and II Justice of the Chamber of Deputies as part of the examination of Bill C. 1717 Government, on provisions for strengthening national cybersecurity and cybercrimes.
Corrado Giustozzi CHIEF Strategist REXILIENCE journalist and writer, lecturer in Cybersecurity in the MSc in Intelligent Systems Engineering at Campus Bio-Medico, and in the Level I and II Masters in Cybersecurity at LUISS, Campus Bio-Medico, Link and SIOI participated in the morning meeting “Legal Breakfast Bytes” with professionals Luca Tufarelli, Francesca Rosetti and Maria Lilia La Porta of Studio Tufarelli Ristuccia and Partners, to explore topical issues with a breakfast together. During this meeting, some topics introduced in the previous meeting were discussed and taken up again, concerning: computer crimes, Cybersecurity and Model 231.
Generative artificial intelligence is constantly evolving, with significant implications for several disciplines. In this session, which closes the second day of the Security summit, largely dedicated to AI, we explore from different perspectives (technological, social, philosophical and economic…) the emerging challenges in this area, analyzing new frontiers and innovative perspectives. Central are issues such as ethics in the use of generative models, interpretation and understanding of the results produced, responsible creation of digital content, and security and privacy in the implementation of advanced generative algorithms.
Analysis of the Technical Tactics and Procedures (TTP) of an attack, by the Managed Detection and Response (MDR) team through ESET XDR and Endpoint technologies. Through a step-by-step analyzed attack, it will be shown how an MDR service, with supporting XDR telemetry and Endpoint Protection, allows attackers’ tactics to be analyzed in order to detect, block, and remediate a security incident.
Artificial intelligence is transforming the world at a dizzying pace: AI is revolutionizing the world in which we live, work and interact with the world around us.
Illegally stolen information is sold with different schemes to the past; business models evolve favoring subscription subscriptions. Exactly the same as in the legal economy! RaaS, MaaS, toolkits, and associated services are frantically evolving.
On Friday, March 8, the first meeting of the cycle Tech talk – Meetings with the protagonists of the debate on technology and digital organized as part of the training activities of the Parliamentary IT Cluster was held at the Camera dei deputati. Our own Corrado Giustozzi gave his thoughts on the topic of “AI: instructions for use.”
On Monday, Jan. 8, Corrado Giustozzi, chief strategist of Rexilience, will participate as a speaker at the CSQA Certifications National Convention with a talk on the topical issue : “Vulnerabilities and Risks in AI Systems.”
On Friday, December 22, Corrado Giustozzi, host of Enrico Pagliarini, accurately and thoroughly analyzed on Radio24 the ransomware attack suffered by Westpole for the serious consequences on Italy.
On Friday, November 24, Corrado Giustozzi joined the Alphaville broadcast on Italian Swiss Radio to discuss the dark affairs of OpenAI live.
Corrado Giustozzi will speak at the second day of the Fall Conference of the Italian Association of Epidemiology at the Istituto Superiore di Sanità in Rome.
His presentation, “Limits and Vulnerabilities of Artificial Intelligence,” will open the section dedicated to “Reflections on Data Security, Ethics and Digital Health: an Integrated Framework.”
The Cloud has been increasingly adopted by companies for many years, but many have yet to understand its best use and the risks that can result from misuse. In the webinar held by Alessandro Vallega, the meaning of Cloud (in its different forms) was defined, how it can be used and what steps are best to take to avoid any dangers in terms of security and compliance.
On Thursday, November 9, Corrado Giustozzi, along with other authors of the “Clusit Report 2023 on ICT Security in Italy,” presented the new CLUSIT report with data analysis of attacks that occurred in the first half of 2023.
The legal profession in the age of artificial intelligence.
On Monday, October 30, Corrado Giustozzi participated, along with authoritative experts, in the episode of ISPI-Institute for International Policy Studies’ The World This Weekdedicated to delving into the impacts on European security of the terrorist risk resulting from the escalating conflict between Israel and Hamas.
As part of the Festival of Diplomacy 2023, Corrado Giustozzi at the Center for American Studies in Rome participated in a discussion on “The Geopolitical Challenge of Quantum Supercomputers.”
The event was held in English, and it was possible to participate in person or via live streaming.
Along with the many opportunities, the digital transition also brings risks, including potential threats from cyber attacks. Increasingly, therefore, we are hearing more and more about Cyber Security, perhaps not fully understanding that taking cover from cybercrime protects against operational and production downtime, safeguards corporate reputation, and guards against possible financial loss, all to ensure business continuity.
Mauro Cicognini,Senior Partner of Rexilience and Member of the Scientific Committee of Clusit speaks about”: Are Italian companies prepared for cyber incidents? Some answers from the Clusit Report data.”
Centre of gravity between regulations, technologies, cybersecurity and personal rights
Will attend:
Artificial Intelligence (AI) , with its applications, enters business processes, simulations, video surveillance, entertainment, medicine, mobility, smart cyties etc … even the war industry.
Corrado Giustozzi,Founding Partner & Chief Strategist, Rexilience, speaks at the ASSI “virtual” Roundtable.
Artificial intelligence technologies are a powerful tool in the hands of cyber criminals who use this technology to refine, speed up and extend cyber attacks on a large scale. While there is enthusiasm among the ‘BlackHats’ for the advent of WormGPT, the ‘good guys’ must quickly discuss the pressing need to transform traditional security systems to integrate AI-equipped defensive strategies. What does the future hold for us and how do IT companies need to adapt to this paradigm shift? We will see what proactive measures can be taken to reduce the initial attack surface for cybercriminals, especially for companies that do not have sufficient resources or do not yet use an artificial intelligence engine to defend themselves. In addition, we will explore how to improve the efficiency of incident response and enhance cybersecurity readiness.
The abuse of vulnerable drivers, known as BYOVD (Bring Your Own Vulnerable Driver), has emerged in recent years as an increasingly common and accessible attack technique. This methodology exploits any vulnerabilities in the drivers to gain full access to the systems’ memory and evade defence mechanisms. With the wide availability of vulnerable third-party drivers and tools that can exploit them, such attacks are becoming a significant threat to the security of data and IT infrastructures. The methods used by cyber criminals to identify and exploit vulnerable drivers and strategies to mitigate these types of threats will be examined.
See you on October 5 to talk about business continuity and resilience in ICT. In this space I will also discuss the cyber risk management tool (CREST).
An opportunity for us all to reflect together, on increasingly topical issues, and clarify terminology in the context of articulated but vital activities in the event of an attack.
What are organizations doing to defend themselves in cyber security? What is the importance of Future Thinking and anticipatory thinking in strategic foresight? As Clusit, the Italian association for cyber security that will also be the host of the event, confirms, there is a need for protection and prevention measures that nowadays entities and companies can no longer neglect.
These are just some of the topics that companies, with our Mauro Cicognini, journalists and industry experts will discuss during the daylong event.
Next October 2, at 6 p.m. Fabrizio Cirilli will give a Webinar presentation to our CREST software for risk assessment according to ISO/IEC 27001:2022, distributed in SaaS mode.
Free access to CREST will be made available to all participants.
Innovations and Trends in Cybersecurity
28/09/2023
La Collina Dei Sogni
Albano Sant’Alessandro (BG)
A conference that will demonstrate live what happens during a hacker attack and how cyber criminals manage to get into companies. Most importantly, how to prevent dangerous situations, limit risks and prepare to resume business operations as quickly as possible.
Preparing for the future: navigating uncertainty with resilience and determination
Fabrizio Cirilli, Project Leader and Author
Dealing with topics such as Business Continuity in the ICT world has never been an easy task: beliefs, myths and standards come together in a mix of endless arguments and interpretations.
In the document you will then find what is necessary to clarify the possible relationships between DR and BC, how these can be developed and articulated in compliance with existing standards, a list of standards to refer to, and other elements of clarification that we hope will be useful for correct interpretation and application in the company.
On Monday, July 24, Corrado Giustozzi will be live from 12:30 to 1:00 p.m. on the Alphaville program of Radio della Svizzera Italiana (RSI Rete Due) to talk about security and geopolitical issues surrounding the U.S.-China competition over undersea cables for information transport.
The broadcast will be streamed on RSI’s website and the podcast will be embedded here.
Corrado Giustozzi will take part in the broadcast to talk about ransomware attacks toward public administration and possible prevention measures.
Today at 22:45 and Sunday at 14.00 (extended version)
On Thursday, July 20 at 5 p.m. Corrado Giustozzi will participate in the webinar “Digital Communication and the Impacts on Privacy,” which will be streamed live by Officine Dati.
Corrado will speak specifically about the problem of encryption in mass communications, i.e., the difficult relationship between individual privacy and national security.
Moderator: Nicola Fabiano, vice president of Officine Dati.
Participants: Matthew Wild, Executive Director – XMPP Standards Foundation, Giuseppe Alverone, Data Protection Officer.
Next July 17, at 5 p.m. Fabrizio Cirilli will give a Webinar presentation to our CREST software for risk assessment according to ISO/IEC 27001:2022, distributed in SaaS mode.
Free access to CREST will be made available to all participants.
CONNETICAL
Opportunities and Challenges.
Thursday, June 22 at 5:30 pm new meetup at Binario F in Meta.
This time we will talk about Cybersecurity by analyzing together with many experts the technical and legal aspects of the new European rules (NIS2 and DORA)
On June 15, we look forward to seeing you at the third edition of Healthcare Security Summit 2023, the virtual dedicated event on cybersecurity in healthcare.
Moderator: Alessandro Vallega.
How you can help public administration and companies understand the challenges they will face in the months to come.
A unique opportunity to raise awareness of the danger, to understand the sources of risk and how attackers operate, and thus to make good choices on how to deploy the limited resources available.
The event is organised by Clusit Community for Security in partnership with Rexilience, Studio Legale Ristuccia Tufarelli & Partners and MM SpA.
At the end of the event, the book “Rischio digitale Innovazione e Resilienza” and free access to the CYBER RISK software for risk management according to ISO/IEC 27001:2022 will be distributed.
Attendees: Fabrizio Cirilli, Cosimo Comella, Luisa Franchina, Giovanni Gelpi, Corrado Giustozzi, Marco Locatelli, Paola Meroni, raffaele munari, Pieraldo Pistocchi, Stefano Quintarelli, Eliana Sessa, Luca Tufarelli, Alessandro Vallega.
How you can help companies and public administration to understand the challenges they will face in the months to come.
A unique opportunity to raise awareness of the danger, to understand the sources of risk and how attackers operate, and thus to make good choices on how to deploy the limited resources available.
The event is organised by Clusit Community for Security in partnership with Rexilience, Studio Legale Ristuccia Tufarelli & Partners and MM SpA.
At the end of the event, the book ‘Digital Risk Innovation and Resilience‘ and free access to the CYBER RISK software for risk management according to ISO/IEC 27001:2022 will be distributed.
Attendees: Fabrizio Cirilli, Cosimo Comella, Luisa Franchina, Giovanni Gelpi, Corrado Giustozzi, Marco Locatelli, Paola Meroni, raffaele munari, Pieraldo Pistocchi, Stefano Quintarelli, Eliana Sessa, Luca Tufarelli, Alessandro Vallega.
We will talk about cyber attacks in healthcare – the evidence gathered by Clusit
Alessandro Vallega (Senior Partner rexilience, CLUSIT Italian Association for Information Security, Milan)
Please note that the session will be in Italian.
More and more often one hears about Supply Chain Security, and companies and public administrations have realised that their degree of security also depends on that of their suppliers. Incidents of course there were. In addition, there are increasing compliance obligations that require the company to control its supply chain.
In this webinar, the problem is explained and organisational approaches, best practices, compliance obligations and opportunities for improvement of the Third Party Process Management (TPRM) process are presented.
The session is in Italian.
With Mauro Cicognini, Founding Partner of Rexilience and Scientific Committee of #Clusit, we will talk about the cybersecurity scenario today and how it has changed in recent years.
Here the LN post with pictures of the event
Session in Italian.
We will talk about third-party risk in supply chains, and the specific exposure to it for Italian SMEs, within an event by Confartigianato Treviso.
Please note that the session will be in Italian. Attendance to this event is reserved to Confartigianato members and invitees of theirs.
We will take part in the panel discussion on Supply Chain Security.
Please note that attendance to the Symposium is generally payable, but free passes may be available via the event Sponsors.
We will take part in the panel discussion on the evolution of threats to security and privacy.
Please note that attendance to the Symposium is generally payable, but free passes may be available via the event Sponsors.
Tommorrow we will be presented the book “Supply Chain Security” edited by the Community for Cybersecurity.
We will meet the audience at the CLUSIT Cyber Security Summit in Milan.
The stop of Libero and Virgilio e-mail services for over 4 days, a particularly rare but also very serious episode, leads us to talk about of the all too often undervalued e-mail services. We try to understand how use them in a more conscious, shrewd and prudent manner.
But in week we have also recorded the shutdown of some services of Microsoft (and other companies). Preparing for such events is increasingly important, explains to 2024 Corrado Giustozzi, cybersecurity expert and partner at Rexilience.
We will talk about “Cybersecurity: the dark side of the net”
Who are the perpetrators?
How is the EU defending its strategic infrastructure?
The webinar will present an overview of the relationship between AI and cybersecurity, exploring both the possible risks arising from the development of malicious AI and the vulnerabilities of AI to specific attacks aimed at deliberately misleading them. Among other things, we will try to answer the following questions:
3 panel discussions on topical issues: cyberwarfare and cyber resistence, digital forensics as a law enforcement tool for cyberterrorism and cyberwarefare, crypto-asset.
The webinar presents the state of the art and how risk has entered EU laws and regulations, indicating best practices, methodologies and products that can be used.
The XIX National Congress of “US ANSSAIF” will be held, of whose Scientific Committee I have the honour of being a member.
We has participate with a speech on the “unthinkable complexity” of cyberspace, one of the key factors at the root of modern cybersecurity problems.
The event has been held in person and remotely via streaming.
Tools for implementing resilience in our organisations; methodological approach and certification of management systems.
In addition to the chairmen Corrado Miralli, Physical & Cyber Security Manager, Saipem S.p.A. & Chair of BCI Italy Chapter and Alessandro Manfredini, Group Security & Cyber Defence, a2a & Chair of AIPSA, coordinated by SKY’s competent journalist Mariangela Pira, we presented the paper:
TOOLS FOR IMPLEMENTING RESILIENCE IN OUR ORGANISATIONS – a methodological approach and certification of management systems.
We talk about the foundaments of Internet.
We talked about supply chain security, processes and technologies.
The IV edition of the annual event dedicated to AI.
Cyberspace: unthinkable complexity.
Brainstorming on the 10-year future of cybersecurity (and digital).
The National Cybersecurity Strategy 2022-2026 and implications for enterprises.
Cybersecurity of Transport Infrastructures.
The Namex Annual Meeting is divided into three sessions. In the first part, has been discussed the development of new cloud and edge computing models that are designed to bring content closer to end customers. In particular, the progressive process of decentralization of Internet eXchange Points.
The second session introduced the state of the art of threats to network security and the progress of the national cybersecurity strategy.
Finally, the last part of our plenary was focused on the experiences of some of the leading game changers in the Italian digital market.
Organized in partnership with the Microsoft company and FB&Associati.
Business has changed: start-ups, innovative SMEs, large companies that focus on technology are at the centre of the country’s industrial policy.
We must define the offer and image of Italian innovation to position ourselves on the international market.
Doctors, risk managers, IT professionals and cyber experts will discuss the adoption of an approach to cyber risk that leverages the strong risk culture already present in healthcare. In order to understand the limiting factors and leverage the obvious opportunities that a multidisciplinary approach so present in healthcare can represent.
The initiative is organised by Clusit, in collaboration with AIIC, AISIS, ANRA, AUSED.
We will give a speech as an internal professor at the opening conference of the 7th edition of the Master in Cybersecurity at Link Campus University in Rome.
Recent cyber attacks against Italian and European governmental and institutional entities have raised concerns about a potential cyber war, conducted within the broader framework of the conflict between Russia and Ukraine. What are the actual threats to national and EU security? What strategies have been implemented? And what are the models to be inspired by?
The event, organised by ISPI in collaboration with the Ministry of Foreign Affairs and International Cooperation.
We will be the live guest of Gianluca Nicoletti on his programme Melog on Radio 24 to talk about cyberwarfare and Russian attacks, real or presumed.
PART ONE | CYBERSECURITY YESTERDAY AND TODAY
Keynote “Cyber: a three thousand years long history”
PART TWO | STRATEGIES FOR CUTTING-EDGE SECURITY
“The asymptotic CyberSecurity: how to integrate your choices in the organizational rationality”
Comment on the discussion going on in our country on the necessity and advisability of having IT security products such as antivirus developed in Italy.
The Clusit Community for Security, directed by Alessandro Vallega, introduced the thirteenth publication (free download from https://c4s.clusit.it) entitled “Innovation and resilience of digital risk” whose writing is the result of the collaborative work of 80 experts in the sector.
With Dell Secureworks: Cloud Security – technologies in (R)evolution!
With Dell Secureworks.
Rexilience participates to the webinar organized by the Italian Association for Computer Science and Automatic Computing on “Cybersecurity: the other face of digital”.
Respecting a tradition that is renewed since the first edition, we will be once again among the speakers of the beautiful Conference of Legal Informatics of the College Ghislieri of Pavia, now in its sixteenth edition and entitled this year to the memory of its founder and animator, as well as dear friend, Prof. Romano Oneda.
The conference, dedicated to the delicate topic of Artificial Intelligence, will be held in presence in the Aula Magna of the College in compliance with current anti-Covid measures, in particular with regard to the possession of Green Pass.
The speech of Prof. Giustozzi, entitled “Intelligent but naive: how to fool the AI” will focus on “adversarial attacks” aimed at confusing and deceiving artificial intelligence.
Admission is free but it is necessary to book your participation. The conference will also be streamed on the College’s YouTube channel.
The topic is juicy and the speakers are fantastic, so we invite you to attend!
We talk about cloud for SMEs, between rights, development, security and revitalization.
Commendable initiative of Iusintech, with the participation of Guido Scorza (Consiglio del Garante per la protezione dei dati personali), Rita Eva Cresci (Iusintech), Maria Roberta Perugini (Iusintech), Giuseppe Fragola (MISE), Roberto Giacobazzi (University of Verona), Raffaele Conte (CNR), Paolo Costa (Spindoc), Roberto Moro Visconti (Università Cattolica del Sacro Cuore), Stefan Umit U. (4Securitas), Alessandro Vallega (Rexilience), Cesare Burei (MARGAS), Massimiliano De Gregorio (REVO Spac), Raffaele Barberio (Key4biz), Michele Zunino (Consorzio Italia Cloud), Jeff Zakar (Irideos), Laura Capodicasa (Irideos), Francisco Mingorance (CISPE).
In collaboration with Polis Open Learning.
Connecting Europe in a secure way and respecting the rights and freedoms of individuals, necessarily passes through the issue of digital identity. With the new EIDAS regulation, the subject of this session, several things will change, such as the public system for managing the digital identity of citizens and businesses (SPID), the Electronic Identity Card (CIE) and wallets to authenticate and access services.
Speakers: Antonino Vaccaro, Corrado Giustozzi, Fabio Sammartino, Lior Tabansky, Mirco Marchetti, Gabriele Carrer.
We try to understand what difficulties there are in investigating the perpetrators of these criminal actions with Eugenio Albamonte, a magistrate specialised in investigating cybercrimes and cyberterrorism.
Digital transformation gallops. Cybersecurity incidents grow exponentially. New laws and regulations try to get us to respond. Technology improves for defenders but unfortunately also for attackers and creates new privacy challenges.
This session wants to give some insights on what will be our world in 10 or 15 years without pretending to answer all the questions. We will have the pleasure to hear the opinion of Eline Chivot who is senior adviser on digital policy at the European People’s Party (EPP) in Brussels (speech in English) and of some of the team leaders and participants of the Clusit Community for Security who have been discussing this issue for a long time in its working groups (https://c4s.clusit.it).
Explains what it is and why there has been so much talk about it in recent months.
The conference will provide an opportunity to discussion and comparison on related aspects to the human factor in data protection personalities, now increasingly coveted relevant.