IT security: Italian companies are lagging far behind

Research by the Politecnico di Milano reveals the main problems that companies in our country face with IT security solutions

2016 will be remembered as the year of the hackers. First came the breaches of Yahoo! accounts, then the alleged cyber-espionage during the US elections, all accompanied by the growth of ransomware attacks. In all this, what is the situation of Italian companies specialized in IT security?

With the constant increase of dangers on the Net, the interest of companies in the IT security sector has grown in Italy too. The market for cyber security solutions in our country exceeded 970 million euros in 2016, a growth of more than 5% compared to 2015. The biggest problem remains planning, especially among enterprises. Few organizations buy packages for long-term protection (less than 40% of large companies), and few companies have a Chief Information Security Officer, the management role in charge of the company's information security.

Cyber Crime, the invisible threat that changes the world

These and other data were released during the conference "Cyber Crime: The invisible threat that changes the world," held at the Politecnico di Milano. The research was conducted by the Information Security & Privacy Observatory of the Politecnico's School of Management. During the presentation, Gabriele Faggioli, Scientific Director of the Information Security & Privacy Observatory, said: "Cyber crime is a difficult enemy to fight, because it often remains invisible before creating problems not only for individuals but also for public order. The new trends of digital innovation such as Cloud, Big Data, Internet of Things, Mobile and Social require new responses that can no longer be postponed. The new European Regulation on the Protection of Personal Data creates some of the prerequisites necessary to arrive at a reference framework, which, however, needs to be understood and implemented."

The delay of Italian companies in the field of IT security

During the conference, it emerged that the IT defense strategy implemented by most Italian companies, as well as by institutions and organizations, is not always successful. Businesses in our country rely almost exclusively on tools for preventing hacker attacks, while few already have active recovery plans in case of data loss (through a ransomware infection, for example).

As Alessandro Piva, Director of the Information Security & Privacy Observatory, points out, "In Italy many large organizations and companies are lagging behind in the protection of their systems compared to the rest of many European and world nations. Few have understood the implications between the new trends of digital innovation, such as Cloud, IoT, Big Data, Mobile, and security management."

The risk runs on the smartphone

Although corporate smartphones are now part of the "standard equipment" that Italian companies provide to their employees, strategies to better defend sensitive data related to the company's activities are not always put in place. The risks are not limited to the possible theft or loss of mobile devices: more and more often, hackers aim to infect smartphones and tablets in order to gain free access to the company's local network.

According to the data released during the conference at the Politecnico di Milano, only 27% of organizations have set rules that limit the access to and use of particular applications, while 61% have specific policies for the use of mobile devices. Less than a third (61% to be precise) have introduced technology platforms and tools such as Mobile Device Management (MDM) to limit smartphone and tablet use.