The audit activities, conducted by CSQA , a certification body authorized by Accredia, had the aim of evaluating the primary and secondary information processes within the perimeter of the Security Operations Center and the Computer Emergency Response Team, involving multiple aspects of Cyber Security , such as the response to IT incidents and data breaches, the threat analysis process and the technical tools for infrastructure management.
The completed certification process falls within the scope of the interventions to strengthen and improve cyber capabilities for the Public Administration wanted by the National Cybersecurity Agency , to achieve the milestones set within the PNRR.
We started from an analysis phase aimed at identifying the gaps in the SOC perimeter of the Air Force compared to the ISO 27001 framework, with the census and evaluation of the systems, security tools, related processes and management tools.
Subsequently, the actual revision and strengthening process began, which led the AM team, supported by the company Accenture, to draft the necessary documentation and the Procedures and Operating Instructions according to the criteria of the international standard.
The implementation phase of the interventions, aimed at mitigating potential security risks, ended with the improvement of the training processes on the Information Security Management System (ISMS) and the internal monitoring processes.
The certification process concluded last October 20th, highlighting, within the final Audit Report , the absolute value of the documentation produced, the high level of awareness and competence in the Cyber and Management System fields. Information from the AM personnel involved.
The delivery ceremony , in the presence of General Falzarano , constitutes another important moment for the Security Operations Center of the Armed Forces, currently engaged in the final operational phases of CYBER EAGLE 2023 , an annual exercise that tests the Cybersecurity capabilities of the SOC/CERT AM , allowing busy AM staff to exploit the innovative generative Artificial Intelligence tools, through the use of the enormous computational capacity of the supercomputing platform available at the ReSIA Data Center in Pratica di Mare.
Re.SIA operates under the 3rd Division of the Logistics Command , with the mission of designing, implementing and maintaining in operation the services and systems for the automation of functional areas, as well as promoting innovation through research and experimentation of new technologies in the IT sector.
The Department, the main IT hub of the Air Force, plays a key role in the constant process of digital transformation , while guaranteeing the Cyber Security framework for the IT infrastructures of the Air Force.