Cyber ​​Risk in Public Administration


In the last year, given the exponential use of smart working, hacker attacks on both private and public entities have increased dramatically. Among the various sectors at risk, we also find the public administration which has never been at the highest levels when it comes to cybersecurity. This was also highlighted in the document of the National Center for IT in Public Administration entitled «First Report on the State of ICT Security of CAPs».

In recent years the situation has improved greatly also following the various regulations aimed at mitigating the problem of cyber security but to date we are still not prepared to face the real risk that PAs run in terms of privacy.

What are the risks?

The risks of a cyber attack on PAs may concern:

  • Deprivation or theft of information
  • Block of services
  • Alteration of authoritative levels
  • Destruction of control and monitoring systems

These risks can materialize through:

  • Malware infection
  • Cyber ​​attacks
  • Credential/identity theft
  • Degradation/interruption and destruction of service.

Often, unfortunately, the weak link in the chain is the general employee, who is not adequately trained on cyber security issues. Precisely for this reason we not only need adequate technologies but also a culture of safety. While much emphasis has been placed on the culture of digitalisation, little has been done to raise the level of awareness of the risks this would entail. Cyber ​​security has always been approached with a «technical» approach but without teaching how to prevent them. In practice, it is like giving a driving license without teaching the rules of the road.

What the legislation provides

As established in the various Three-Year Plans for IT, public administrations should have a specific activity on ICT security issues. In force Piano 2020-2022 there is a dedicated chapter: the obligations for the public administration in terms of protection of personal data should be coordinated with the management of cybersecurity to avoid duplication, lack of alignment of activities and in any case less risk management.

But an important element is that security in public administration is not an option: European legislation on the protection of personal data requires specific and rigorous security measures with heavy penalties for non-compliance; the so-called EU NIS Directive and the related Security Perimeter require the protection of their services with adequate security measures with obligations on internal supervision and also in this case at the risk of high sanctions.

latest posts published

Lokky, the Italian data driven insurtech for professionals and SMEs

Lokky, the Italian data driven insurtech for professionals and SMEs

EconomyUp interviews Paolo Tanfoglio and Sauro Mostarda, Co-founder and CEO of Lokky Awarded as 'Best ...
An ally for cyber security: Load Balancing

An ally for cyber security: Load Balancing

Having a fast, high-performance and reliable website is a non-negligible aspect for those who have ...
Business Trend 2023 for SMEs, professionals and commercial activities

Business Trend 2023 for SMEs, professionals and commercial activities

The main trends of 2023 that you will need to consider in your business Digital ...
Occupational risks for pastry shops

Occupational risks for pastry shops

The pastry chef's activity involves the production of confectionery products, from the preparation of the ...
How to read a pay slip

How to read a pay slip

In collaboration with our partner F2Dwe decided to delve deeper into the elements that make ...
What are the most common cyber risks and how to protect yourself

What are the most common cyber risks and how to protect yourself

“Houston, we have a problem."Who doesn't know the words of Jack Swigert, pilot of the ...
Clinical Risk: What it is and What are the consequences

Clinical Risk: What it is and What are the consequences

In recent years, the responsibility of healthcare facilities has increased significantly and with this also ...
Commercial activities most affected by theft

Commercial activities most affected by theft

Theft, shoplifting and armed robberies are a plague for Italian traders. In Europe, Italy is ...
October is European Cyber ​​Security Month

October is European Cyber ​​Security Month

October is the European month dedicated to cybersecurity, a good opportunity to acquire new awareness ...
Estimating cyber risk: importance and difficulties encountered

Estimating cyber risk: importance and difficulties encountered

The biggest challenge regarding cyber security is to estimate cyber risk in a credible, sustainable ...

Leave a Reply

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *