CYBER ATTACKS CONTINUE TO POSE A SERIOUS THREAT TO COMPANIES AND PUBLIC ADMINISTRATIONS. WE TAKE AN IN-DEPTH LOOK AT VULNERABILITY ASSESSMENTS AND BEST PRACTICES.
Despite the abundance of technologies and cyber security guidelines, the 2023 Clusit Report confirmed that both the number and the severity of cyber attacks are on the rise.
Italy has been severely affected by this phenomenon, and was officially “a target” in 2022, accounting for 7.6% of global attacks (compared to 3.4% in 2021).
To prevent cyber attacks, companies need to be aware of their security posture and have sufficient visibility into vulnerable areas that require constant updating and monitoring.
One effective way to gather such information is by conducting regular vulnerability assessments, which should be scheduled every six months or as required by sector regulations and company size. These assessments help to maintain visibility and control over the exposed perimeter and apply necessary remediations to ensure that it remains updated and secure.
Of the €623 million allocated to cyber security until 2026 as part of the National Recovery and Resilience Plan (NRRP), €15 million has been used to appoint a dedicated team with expertise in software analysis, develop professional static source code analysis tools, and perform vulnerability scans on the main software used by public administrations. The appointed team is also responsible for conducting periodic vulnerability assessments and web application penetration tests, analysing laboratory results, and evaluating operational processes.
IT systems become vulnerable to cyber attacks when logical and system-level configurations are not properly applied to the IT infrastructure; attackers can exploit such misconfigurations to gain unauthorised access and compromise systems. A configuration review, which checks the infrastructure against the guidelines and standards set by leading international security bodies and applies them strictly, therefore also plays an important role in preventing cyber attacks.
Raising the awareness of the teams who manage the infrastructure and its security is also crucial. It makes little sense to expose the management ports and protocols of terminals and IT equipment management consoles to the Internet. At a minimum, access to these systems should require a VPN with two-factor authentication. These countermeasures, while necessary, are inadequate if system vulnerabilities are not identified and appropriately corrected. In addition, companies must strongly encourage their employees to complete security awareness training, improve their understanding of the risks and potential business consequences of cyber attacks, and educate them on the proper handling and use of access credentials for company IT systems.