Sommario:

Article 1. The Cloud Centric Economy and the Cyber Risks (Simone Russo) - Article 2. Why Business Is Moving to Cloud (Nicolò Moschi) - Article 3. Integration Process and Hybrid Models: Is This Increasing Cyber Risks? (Riccardo Fabbri) - Article 4. The Cyber Risk Metamorphosis (Antonio Giannino – Giovanni Artese) - Article 5. The Compliance and Cybersecurity Entanglement (Francesca Valenti – Enrico Amarante – Federico Sertori) - NOTE

1. Introduction and Concept Computers and softwares have changed the world we live in today, they have transformed our lives, they offer incredible opportunities to our economies and have deeply reshaped the way we interact among each other, both in our social lives and in our business, affecting human relationships, the way we work, how we access services and products, but also assisting us in our daily tasks, deeply changing the perspectives of our future. Nonetheless, the digital transformation exposes all of us to new risks, starting from the tangible cybersecurity threats to the more remote and profound ones connected to future developments of Artificial Intelligence (“AI”). The humankind can tremendously benefit from the effect of the digital economy and can mitigate the risks of cyber-threats by adopting new IT measures, establishing a cybersecurity culture at corporate board level, empowering more cybersecurity information officers (CISOs) and risk managers to improve companies’ cyber resilience, and introducing compliance measures and policies to take into greater consideration and monitor cybersecurity risks. AI has unique potentials to increase global productivity and GDP, to enhance scientific discoveries, and to create enormous breakthroughs in any aspect of our society. Nonetheless, the AI advances on a very unpredictable trajectory since it compounds an exponential amount of data with increasing computing power at a speed which we humans [continua ..]

» Per l'intero contenuto effettuare il login inizio

Enterprise cloud consumption has been growing at double digit for the past few years and global cloud revenues have reached around 500 Billion USD in 2022. We are still far from the peak: cloud consumption will continue to grow at a compound annual growth rate (CAGR) of approx 17% in the next 5 years, and the global cloud computing market size will surpass 1 Trillion $ by 2027 [23]. But why is business moving to the cloud? Quoting distinguished Vice President at Gartner Milind Govekar, the crisp answer might be “[because] there is no business strategy without a cloud strategy”. This would explain why 85% of organisations will embrace a cloud-first principle by 2025 [24]. Most of the benefits of the cloud are already quite clear and acknowledged by the vast majority of players: cost saving on maintaining and supporting equipment, a more flexible cost structure, easier up and down scalability, greater effectiveness in assuring business continuity and disaster recovery. Nowadays these foundational concepts are well known and accepted in most organisations. However, businesses are now exploring other advantages of the cloud. One of these is security, which is already recognized as one of its top benefits by two out of three executives [25]. This is not surprising, since a cloud environment can definitely minimise the risk related to outdated systems, patching, lack of security practices (e.g. data encryption) and poor investments, which are some of [continua ..]

» Per l'intero contenuto effettuare il login inizio

1. Hybrid Cloud Model: Benefits and Risks Modern infrastructures need a different and broad approach to cloud computing: private cloud offers a higher level of security and privacy but it requires the same staffing and operations of a traditional datacenter; public cloud, on the other hand, is convenient, scales quickly and has a wider portfolio of services ready-to-go, but it doesn’t offer the same control over sensitive data. With the use of hybrid cloud models, organisations are able to use and leverage a combination of on-premises infrastructure, private cloud and public cloud services. This model can provide greater flexibility, highly scalability and more control over sensitive data. But due to its intrinsic complexity and the lack of real industry standards, it also introduces some potential new risks in terms of cyber security, for example: • data security: data may be stored and processed in multiple locations – this can make it more challenging to ensure that data is always secure at rest and in transit and to prevent unauthorised access; • compliance: as data may be subject to legal and regulatory requirements depending on where it is stored and processed, it can be more difficult to ensure a full compliance and to monitor it over the time; • integration: the integration process of different environments, based on different technologies and standards, can be complex and can introduces security vulnerabilities in the design or in the [continua ..]

» Per l'intero contenuto effettuare il login inizio

1. Introduction This essay aims at depicting the evolution of cyber risks, investigating the very roots of cyber security and the current cyber attacks. Whilst cyber security is considered a vast and fragmented topic, the authors wish to identify its transformation pattern, eventually identifying solutions generally accessible to the public to mitigate and counter cyber risks and cyber attacks. Provided that a common definition of such topics is still debated in literature by a number or scholars and professionals, and considering the vast exploitation of social engineering, for ease of reference, the authors wish to further investigate and deep the definition of a cyber attack as “an attack initiated from a computer against a website, computer system or individual computer (collectively, a computer) that compromises the confidentiality, integrity or availability of the computer or information stored on it” [41] by considering that a cyber attack might not just be initiated from a computer. In fact, seventy to ninety percent of all malicious breaches are due to social engineering and phishing, which may not be initiated from a computer; hence the generalisation of the definition above [42] as “an attack initiated from an individual, a group of individuals or a computer that compromises the confidentiality, integrity or availability of the data in transit or stored on a technological means”. A cyber attack is a harmful phenomenon which [continua ..]

» Per l'intero contenuto effettuare il login inizio

1. Introduction: Building a Cybersecurity Culture in the Organization This essay aims to highlight the impact of corporate compliance in enhancing cybersecurity within the organisations by outlining, with a practical approach, the factors which can lead to a dynamic human and technological infrastructure, able to deal with the constantly increasing cybersecurity threats [57]. Even thus it is essential component within the corporate environment, technology itself is not enough to defeat the cyber attack threats and shall be combined with a security-oriented culture in order to address the so-called “cultural threats”, such as the lack of controls and policy enforcement, the expectations of rational behaviour and the lack of proper communications and training. [58] The culture and the values conveyed by corporate leadership are crucial for fostering the right attitude toward the ever-changing security challenge, the innovative techniques and tools deployed by cybercriminals in cyber-attacks. This entails raising awareness on the significance of such threats, their impacts on the organisation, the potential damage produced by the individual conduct and the need for collective efforts and coordination within the departments. [59] In particular, it is important to get to the bottom of the corporate subculture in which physical individuals operate to minimise the exposure to cyber attacks and data corruptions. In fact, employees are often the target of [continua ..]

» Per l'intero contenuto effettuare il login inizio

[1] M. Mewhinney, “NASA Science and Engineering Achievements to Be Featured”, NASA Ames Research Center, 2006, https://www.nasa.gov/centers/ames/news/releases/2006/06_79AR.html. [2] The concept of “Cloud Centric Economy business model” was firstly introduced by the author at the Abu Dhabi Finance Week on 15 November 2022. [3] K. Schwab, “The Fourth Industrial Revolution: what it means, how to respond”, World Economic Forum, 2016, https://www.weforum.org/agenda/2016/01/the-fourth-industrial-revolution-what-it-means-and-how-to-respond/. [4] European Commission, “Key technologies to boost the digitalisation of transport”, 2022, https://digital-strategy.ec.europa.eu/en/policies/technologies-digitalisation-transport. [5] Kearney, “A new normal: fortifying your distribution channels in a world post-COVID-19”, 2020, https://www.kearney.com/financial-services/article/-/insights/a-new-normal-fortifying-your-distribution-channels-in-a-world-post-covid-19. [6] Fintech News, “Why are traditional firms spending millions on Fintech in 2022”, 2022, https://www.fintechnews.org/why-are-traditional-firms-spending-millions-on-fintech-in-2022/. [7] C. Elding, R. Morris, “Digitalisation and its impact on the economy: insights from a survey of large companies”, published as part of the ECB Economic Bulletin, Issue 7/2018, European Central Bank (ECB), 2018, [continua ..]

» Per l'intero contenuto effettuare il login inizio