Baldoni: “The Cybersecurity Agency will finance the young people who defend the country”

The National Cybersecurity Agency was created on June 14, 2021: less than two months later, Roberto Baldoni was appointed general manager. Baldoni was among the guests on the first day of Italian Tech Week 2022, the most important Italian conference on technology and innovation, at the Turin Ogrs, where he answered the questions of the director of Repubblica, Maurizio Molinari.

You are the man who watches over the safety of all of us, to whom we all owe the ability to navigate protected: what are the attacks we have suffered this year and what is the scale of the threats?
“This year the attacks have increased a lot, we noticed it in two moments: a month before February 24 and then in August. Some particularly sensitive sectors have been touched, such as energy and healthcare. On average, the number of attacks in Italy has grown more than in other countries, but the problem is obviously global ”.

How has the strategy of those who attack us changed?
“Until recently, there were criminals who used software written by them: they developed specific programs for it. In the last couple of years we have switched to using software that can be purchased ready-made, to be used to hit chosen targets. This makes the work of attributing the crime more complex, tracing the culprit, because it is no longer possible to disassemble the software to get clues as to who used it. Obviously, we have other tools to identify the perpetrators, because each criminal group follows its own tactics and procedures, which is something that helps us understand ”.

IT security

Baldoni, Cyber ​​Agency: “Draghi asked us for rigor and speed to make Italy safe”

by Arturo Di Corinto

06 July 2022

Have you noticed a difference between before and after the start of the war in Ukraine?
“Definitely yes. We were born a year ago as the National Cybersecurity Agency: on December 27, 2021, our operating regulations were published in the Official Gazette and a couple of weeks later, on January 14 of this year, the first campaign was launched. strong and decisive attack, followed by another campaign, the day before the invasion of Ukraine. It has been a continuous succession of alarms, which we have managed and which we have taken into account: people need to know that digital transformation is necessary, but it brings with it some problems. That must be managed by everyone: by us, but also by the IT security managers of the companies, passing through every single citizen. Everyone must adopt simple cybersecurity rules, because cybersecurity is not delegated ”.

How did the elections of 25 September go on the cybersecurity front?
“Given the geopolitical conditions that occurred after the invasion of Ukraine, it was clear that they would be a problem. Not so much for the type of paper vote, but for the management of the data flow linked to the results. That could be manipulated. Together with the postal police and the Ministry of the Interior we left a couple of months ago, we created a war room to deal with any attacks, with the attention that has been maximum in recent days. But we didn’t have any particular problems, and every situation was handled well ”.

VivaTech 2022

Cognitive cybersecurity, mental firewalls: the new frontiers to defend ourselves in the “digital wild west”

by our correspondent Jaime D’Alessandro

June 21, 2022

How do you join the Cybersecurity Agency?
“Cybersecurity is not a sport that is done alone, but that is done as a team. And it’s not just made up of technicians: we have them, but we also need legal experts, international relations experts and even young graduates. In October we will open a competition for them, precisely to encourage the entry of really young people. First of all, we are looking for smart and fast people, regardless of their skills: who know how to think quickly, because for us the speed of response is essential “.

Let’s talk about startups, about the possibility that you too will financially support them: do you have programs of this type?“We will start in a few months with a first call for incubators, because we want to have a mapping of startups at a national level. And then we will come to support, finance and even enter the capital of some companies, if it can be the interest for the country. We are the ones who say we are defending the country from cyberattack, but we know that we face a technological risk that must be managed: we must increase our technological capacity as a country and as Europe, because we have dozed a little too much on the cloud, on 5G. , on the chips. We need to do more, both as a nation and at the European level. Because we will never be able to achieve autonomy without having the skills “.

(text collected by Emanuele Capone)