Improving cyber security in the Public Sector with PNRR
Figures recorded over the last few years relating to IT security breaches and cyber-attacks on institutions show how vulnerable cyber security in the Italian Public Sector continues to be. This is a far-reaching problem which has driven the authorities to include a specific chapter dedicated to improving this aspect in Italy’s National Recovery and Resilience Plan (PNRR).
Future investments in Italy’s public sector should therefore focus on IT security and more generally on all aspects of the digital transition. These two issues are fundamental because, as well as involving considerable financial investment, the planning they require is able to improve the efficiency of infrastructures and staff.
Key steps towards improving cyber security in the public sector
The Italian government has allocated funds of around 6.14 billion euros to investment in digitalisation processes in the public sector. Out of that amount, the sum destined for IT security is approximately 620 million euros and is mainly to be invested in the four macro areas below:
- Improved management of alerts and other events involving risk;
- Increasing the capacity to assess potential digital risks and more constant monitoring of security levels;
- Greater attention to public security;
- Increasing skills and resources of agencies responsible for national security.
Since these themes go hand in hand with the key points of the PNRR, which focus on the digital transition in the whole of Italy, cyber security in the public sector must be completely reviewed, in light of the many aspects also involved in the National Cyber Security Perimeter (PSNC).
While the introduction of the latter is designed to increase the safety of organisations responsible for national security, such as certain public sector agencies and public and private companies, its efficiency depends largely on its ability to eliminate the still numerous vulnerabilities of the public sector itself, in order to ensure it functions effectively.
Critical areas and issues to resolve
If we examine the main issues regarding IT security in the public sector more closely, certain specific critical points clearly recur, such as the frequent use of obsolete technologies or systems.
One example of this is the fact that most Italian institutions still rely on so-called legacy systems: digital tools long since superseded by more recent technologies, the use of which poses a significant risk to the security of data processing.
With the introduction of government funding, the adoption of new technologies based on the concept of ‘security by design’ and the introduction of more up-to-date solutions such as cloud are now top priorities. The use of cloud at national level would help the government to centralise the management of security standards, thereby enabling the introduction of the PSNC to be simplified.
As well as investing in technological aspects, it is also important to invest in staff training. In that regard, statistics clearly show that the majority of IT incidents (around 80%) are traceable to human error, not only on the part of inexperienced users but also involving those whose job it is to configure the various systems.
The PNRR therefore includes plans for investment of around 490 million euros in the provision of training courses, including reskilling and upskilling, aimed at public sector IT personnel. Furthermore, managers will be employed to handle the digital transition, whose main responsibility will be to help employees learn best practices regarding cyber security.
Translated by Joanne Beckwith
