In the annual report just presented to Parliament byNational Agency for Cybersecurity the word “Sicily” appears only once. Alongside a 1.5 million Pnrr loan for the construction of a Cirst, Computer security incident response team, a “local cyber incident response team, dedicated to prevention and response cyber risk mitigation“. The figure may appear modest (1.5 million, to make a comparison in terms of safety, is the amount allocated by the Region for the construction of new police station in Niscemi, in the province of Caltanissetta), but is the same as that received by the other Regions. In fact, the total financing is 28.5 million, equally divided between 19 administrations (Valle d’Aosta is excluded). The resources from National recovery and resilience plan for cybersecurity they are much higher (623 million), but the largest share is assigned to central administrations: Ministries of the Interior, Justice, Defence, Carabinieri, Guardia di Finanza and Council of State.
Read also – Cybersecurity: one euro invested, three saved. The risks to data are very high
Cybersecurity, the dangers for administrations
Yet the theme of IT security in local authorities it is not to be underestimated. A few days ago the Privacy guarantor fined over 400 thousand euros Lazio region, the investee company LAZIOCrea and the ASL Roma 3 for “thecyber attack on the regional health system occurred on the night between 31 July and 1 August 2021.” According to the Guarantor, the cyber attack was due “mainly to the adoption of systems not updated and to failure to adopt adequate security measures to promptly detect violations of personal data and to guarantee the security of computer networks”. Also in Sicily, recently, there have been cases of cyber attacks on public administrations. Like the one that occurred in the summer of 2022 against the Municipality of Palermo, who denounced “the publication on the dark web of documents containing personal data of its employees and users of some Administration Areas, following the violation of the Datacenter managed by the investee company Sispi spa”.
Read also – Sicilian micro and small businesses, cyber crimes increasing by 12%
The most common crimes and the funds allocated for Sicily
In short, the danger is around the corner. According to him latest data communicated by Fabi, Autonomous Italian Banking Federation, in 2023 “the Sicily it is in third place among the regions where the most people are alerted for possible cyber attacks (8.4%), next Lazio (19.6%) e Lombardy (13.6%)”. In the sights of hackers there are “Tax ID code (57.5%), e-mail (30.1%) e telephone (8.2%)”. Accessible by anyone because they are “frequently detected on the open web”, including on Public administration sites. In short, protecting yourself is a duty. The establishment of regional Cirst, according to the National Agency for Cybersecurity, goes in this direction. The million and a half mentioned in the report, in any case, is only a part of the resources available of Sicily for cybersecurity. At the end of last year the president of the Region Renato Schifani announced the availability of 26 million financed through the Pon Legality, “to ensure that the digitalisation of our system continues, because so too security will be greater“.
Read also – Violence on the web. Privacy guarantor: body exhibited, celebrated and violated
Difficulties in the Pnrr monitoring sites
Returning to the Pnrr, also the cybersecurity chapter must undergo a rigid deadline calendar. Administrative obligations (milestones) had to be achieved “by December 2022”, while the concrete results (target) are expected “by 2024”. The creation of Cirst centers is part of these objectives. Monitor it state of implementation of the interventions it is not easy. There page dedicated to the Pnrr on the website of the National Agency for Cybersecurity it generically promises “an investment program for an even safer country”, but does not provide further details. As for the Italia Domani portal of the Government, at the time of writing the “Cybersecurity” page shows the screen “Error 404”. Code that according to the HTTP protocol indicates that “the requested resource was not found but may be available in the future”. But that according to the specialized portal Cybersecurity360 it can also be used by hackers “to hide one web skimmers And steal credit card information from unsuspecting victims“.
