Marco Di Costanzo, the Coordinator of the Industrial Cybersecurity Center in Italy (CCI Coordinators Team), helps us to get into context about the state of industrial cybersecurity in his country, and for this he shares his impressions below.
Describe the level of sensitivity of industrial organizations in your country according to the following percentages:
He also comments that the trend regarding concern about industrial cybersecurity in his country in the last year has been little growth.
Italy has national public bodies that ensure the creation of an adequate legal framework, which guarantees the progressive incorporation of industrial cybersecurity in the structures of companies with a national presence (mainly critical infrastructures), among the main ones it is worth highlighting:
- ACN (National Cybersecurity Agency)
- CNAIPIC (National Anti-Crime Center for the Protectionof Critical Infrastructures)
- NCC (National Coordination Centres)
Among the main national laws and regulations that I control in this context in Italy, Marco cites:
- L. 4 August 2021, n. 109 - Urgent disposal oncybersecurity, definition of the national cybersecurityarchitecture and establishment of the NationalCybersecurity Agency.
- L .18 November 2019, n. 133 - Urgent disposal on thenational cyber security perimeter.
As industrial cybersecurity measures distributed by Italy organizations to protect industrial automation systems, Marco Di Costanzo highlights the application of:
- Industrial Cybersecurity Consulting / Advisory
- Implementation of security management systems
- Internal security audits
- Conventional Firewalls
- SIEM (Cybersecurity Information and Event Management)
The CCI Coordinator in Italy characterizes the situation in his country regarding industrial cybersecurity through the following SWOT:
- Lack of operational technologies certifications, processes and professionals
- Lack of specific industry cybersecurity legislation
- Awareness, especially regarding industrial critical infrastructures
- Frequent events and forums on industrial cybersecurity
- Increase of Industrial cyber security trained professionals
- Slow legislation
- Shortage of local industrial cybersecurity professionals working for manufacturers
- Increased of cibersecurity demand for Industry 4.0 and the Internet of things
- Strategic position in the industrial cyber security sector