CYBER PROJECT: business processes and cybersecurity awareness at the heart of business education

The CYBER READINESS LEVEL is the result of Fondirigenti’s CYBER project, which saw the active participation of the SCAI Group through a training, prevention and awareness course on cybersecurity in the Piedmont region.

Presented on Nov. 7 at Eataly in Turin were the outcomes of the CYBER project, sponsored by Fondirigenti, implemented by Fondazione Piemonte Innova (formerly Torino Wireless) and promoted by theUnione Industriali di Torino together with Federmanager Torino/Apdai.

An eight-month course of work, dedicated to 25 managers from 20 SMEs led by a team of 10 professionals experienced in cybersecurity, privacy and organisational processes, with the goal of identifying, mapping and standardising the needs of companies in the Piedmont region in the broad area of cybersecurity

Against a global and national backdrop of growing cyber threats with ever-widening borders, the issue of cybersecurity is of paramount importance to put in place defense structures appropriate to the context in which one operates. Through role-playing, testimonials from companies such as SCAI Group, and high-level in-person training sessions, the participating companies faced each other from the ground up, working toward a comprehensive awareness process.

The clearest outcome, presented during the final event on Nov. 7 for an audience of managers and business leaders, was the Cyber Readiness Level: a tool for preventing and sustaining responsiveness and resilience to cyber attacks. To create the index, a questionnaire was submitted. It was structured into 5 thematic areas(protection, management and technologies, organisation and processes, compliance and regulations, and human factor) geared toward understanding the level of corporate security and providing insights into the most critical areas. The Cyber Readiness Level also provides a set of best practices, skills, tools, and  methods to be adopted, which are conveyed to enterprises through infographics and video pills, to prevent and sustain responsiveness and resilience to cyber attacks.

We brought SCAI’s experience both through direct use cases, thus dropped into the strategic applications of our reality – policies, guidelines, certifications, and IT systems – and through the presentation of the value offering for our customers, such as the SOC service proposed by SCAI Puntoit,” says Marco Zucchini, corporate Business Solutions Director of SCAI Group. “Regardless of the size of a company, to be sustainable and competitive in the market, every enterprise must develop a widespread, but also specialised IT security culture as well as adopt measures, roles, and regulations commensurate with the level of risks it may encounter. No one should feel exempt, rather address the issue in time as it was done in the CYBER project experience: from a technological, regulatory, and organisational point of view.” 

As it had already been the experience of Sailing – a path of comparison and co-design for companies from various sectors that led to the creation of the Business Resilience Index – for the CYBER project, SCAI Group saw the active and firsthand participation of Marco Zucchini, who brought the Group’s expertise. The referrals followed a twofold approach: on the one hand, a verticality of expertise in cybersecurity and, on the other hand, significant expertise in business processes. 

Massimiliano Cipolletta ‘s comment as President of Piemonte Innova Foundation: “Cybersecurity is a key part of digital transformation and increasingly a necessity in all sectors. It should not be available only to a specialised community of IT experts, but it should be integrated into all areas, including SMEs. Through this project, we have supported enterprises, particularly SMEs, which are the most exposed, toward an articulated cultural and design evolution to equip themselves with adequate tools and skills to ensure the protection of their data, processes and assets. With Cyber, we have proposed an approach that involves the entire corporate culture, a model made up of practical actions and best practices to be implemented before, during and after a potential attack.”