Following the splendid DigEat Festival, organised by Digitalaw Srl in Lecce on 27-29 November, we feel it is useful to take a closer look at some of the topics discussed
Digital healthcare is still an absolutely critical element, also due to a non-federalised and heterogeneous organisation between regions. It is often the patients who suffer, but sometimes also the doctors.
Let us talk about e-mail and, in particular, ordinary e-mail and its reliability. Today we are talking about the reliability of a service that allows billions of messages to be
The ransomware threat has existed for more than ten years and in that time has developed into an increasingly sophisticated application logic that is difficult to detect and counter. Recently,
The relationship between data breach and the supply chain is often underestimated despite the fact that, for more than a decade, best practices have established useful methods and approaches to
On 19 December 2024, the National Cybersecurity Agency (NCA) published a document entitled‘Ransomware. Characteristics, preparation and response to ransomware attacks‘ with the aim of defining good practice for managing and
This summer was characterised by a number of quite interesting data breaches, including those against some Italian hotels.
On 31 July 2025, the data breach against the well-known company ACEA S.p.A. was published by the World Leaks group. The published data are many and would amount to some
We are approaching the summer period, an optimal time to draw some conclusions related to this first part of 2025, with a critical and never trivial look.
The Holy League is a cybergang involved in many socially motivated offensives: the main purpose of the Holy League is to protect certain Christian values. The Holy League is supposedly
The Sylhet Gang collective (also SG) has been involved in numerous cyber offensives such as the famous #OpIsrael and the even more famous #OpFreePalestine. It has very clear pro-Palestinian connotations
This is a fact sheet on the collective called Mr Hamza, which has been involved in numerous cyber attacks, including in collaboration with DieNet, discussed here.
The protracted war between Israel and Iran has also been characterised, predictably, by actions carried out on the cyber level. Let us try to delve into some of them in
A few months after the entry into force of NIS 2, security shortcomings continue to be found in many commercial sectors that are impacted by the European Directive and beyond;
Italy is facing an increasing number of cyber threats both in quantity and complexity, yet there seems to be no equally effective evolution in terms of cybersecurity. Let us try
Welcome to the ‘Cyber Anti-Sec’ security report covering the year 2024, in which the most relevant data, trends and data breaches will be analysed.
AIAD is the Federation, member of Confindustria, representing Italian Aerospace, Defence and Security Companies.
NIS 2 is bringing a number of compliance activities by private companies and public administrations, sometimes not very consistent with the regulations. Let us try to make some reflections on
The newsletter of the Garante per la Protezione dei Dati Personali (Italian Data Protection Authority) publicises as news measure No. 572 of 4 July 2024 concerning the data breach suffered
On 17 October, Italy will transpose the NIS 2 Directive(CELEX EU 2022/2555), and the expectation surrounding this directive raises a doubt: will the directive have any real usefulness or have
The idea that hackers only target the most industrially powerful countries is wrong; certainly the United States, China, Europe, are constantly at the centre of cyber attacks, but there are
A lot of information is circulating these hours about the arrest of the founder of the messaging service Telegram: Pavel Durov. Not all this information is correct, let’s try to
The Everest Group hit a notary firm and this data breach is likely to have truly dramatic connotations considering the type of target and the amount of data exfiltrated. Let
In Italy, there is a major problem in restoring health services following a computer incident, and it matters little whether the incident is caused by negligence or malicious intent. In
It is a term little known to the uninitiated, but dwell time is perhaps one of the most important elements to know for those working in cybersecurity.
On 24 May, the final event of the Mastercourse 2024 organised by ANORC took place in Milan: the event is called MEDDLE. On that occasion, I had the opportunity to
Apart from the legal obligations in the event of a data breach and thus the notification to be made to the Data Protection Authority, it is necessary to understand how
On the portal of the Garante per la Potezione dei Dati Personali (Italian Data Protection Authority), the measures against the Lazio Region, the company LazioCrea S.p.A. and ASL Roma 3
In the landscape of cyber risks, it is correct to make appropriate distinctions because risk classification and risk management is one of the most interesting topics to investigate. Among the
CSC control number 17 deals with‘Incident Management and Response‘ and is a very topical subject because, starting from the assumption that nobody is invulnerable to an IT incident, one of
