Born in Rome in 1977, graduated in philosophy at LUMSA, she has been working in information security for fifteen years. In Poste focuses in particular on issues related to awareness and awareness, with projects to disseminate and share security culture and web content editing, with the production of content designed for a less technical audience. In her spare time she deals with scientific divulgation.
The research recently conducted by GCSEC together with Oxford University on skill shortage raises several interesting questions, especially for those companies that have a clear vision of the importance of information security and all the intention to be protagonists of the future cyber that is already here.
Why is there so much distance between the necessary and available skills? Where and how did the supply and demand mechanism jam at some point? But above all, looking to the future, what can a company actually do to fill the gap that has been created? How can you accompany your collaborators and employees in an articulated path that leads them to develop the knowledge and skills that are currently needed in the digital world? The tools are well known and all forward-thinking organisations make constant use of them: training courses, on-the-job training, e-learning, registration and collaboration with specialist groups, etc. However, in the face of the results of a research such as the one on skill shortage, it is spontaneous to add a further question to those already listed above: are these known and disseminated tools really effective, the best available? Or maybe, in such a changed and mutable era as the one we are currently living, we could not think of enriching and expanding the educational and training landscape, perhaps looking at the changes in customs that have occurred in the meantime even in the society not strictly digital? Today there are social networks, where communication is fast, immediate, very fast, and there are Netflix, Amazon TV and related services, which have transformed the TV series into one of, if not the most popular format, in which the brevity of the single episode or the season as a whole is crucial to retain the viewer. It therefore seems clear that, at the present time, effective communication, even when aimed at teaching, must necessarily go beyond the confines of the stiff and rigid classic training course and prefer more “smart” forms, able to win the attention and transmit the message even in a short time. Means of communication that take hold of the average public, not necessarily the technician or the expert user, because today computer security is a subject that affects everyone and everyone must be taught how to protect themselves and their information, no longer only to the superspecialized developer who must keep up with technological developments. It is therefore no coincidence that the CERT of Poste Italiane has undertaken for 2019 an innovative project in the digital landscape, namely the creation of a mini web series, in which the investigator played by Alessandro Curioni, publisher, entrepreneur, journalist, and author of the scripts, faces cases of cyber attacksthat really happened (and obviously a bit ‘romanticized for narrative purposes), showing how it is possible to become victims of malicious attackers, unwitting accomplices, even tools, and what techniques you need to use to understand what really happened.
14 episodes of 5-8 minutes, ranging from phishing, to CEO scams, to wireless attacks on the Internet of Things, “Investigations on a wireless network” is highly post-modern, cyber from editing to photography, marked by a linear communication suitable for a less specialized audience, but with solid and rigorous content that can pass the examination of even the most technical viewer. Not to
mention the quality of writing and directing, which make it attractive even for simple serial-addicts. The CERT experiment by Poste Italiane is innovative because it is the first of its kind in Italy, and probably also internationally, if you consider that the latest series on computer science was Mr. Robot, with the now Oscar-winning Rami Malek, who had a more technical and less family-friendly cut than these pills made by Alessandro Curioni. Surveys on a wireless network create for the first time a teaching tool that is in every respect also a high-level serial product. It is obviously an enrichment of the educational landscape, not a definitive solution: no film can replace an articulated study path, but the ease of communication and understanding offered by such media can contribute to spreading a real awareness and culture of information security, precisely because it addresses an inclusive audience, and deals with security for what it is: a theme that affects everyone.
Author: Sonia Ciampoli