We at A2A pay great attention to the protection of the technological infrastructures that enable us to deliver business services and to the confidentiality, integrity and availability of our information assets, from the increasingly frequent threats that arrive from cyberspace.
For this reason, in order to prevent, counter and neutralize hostile events, we have set up our Computer Emergency Readiness Team, a multi-disciplinary team of cybersecurity experts who are our main reference point for the monitoring, analysis and sharing of information on the cyber threats to which we are exposed.
With a holistic approach to security, we implement a system of internal checks of which security operations are an integral part. In the event of identified cyber incidents, our team takes immediate action to contain the threats and ensure that the systems impacted are quickly restored.
We collaborate with national and international organizations, promoting interaction and exchanges of information in the cyber sphere with the common aim of increasing our knowledge and ability to identify threats so as to pre-empt risks and effectively respond to cyber attacks.
More specifically, A2A-CERT provides its constituency with services of information security incident management (ISIM), cyber threat intelligence (CTI), security platform management (SPM) and active defence (AD).
We constantly monitor security events, both those detected automatically by perimeter technologies and those reported by users and external parties, in order to identify incidents and to respond promptly and effectively to contain the impacts and reduce the risk of such incidents happening in future.
We gather and analyse information on known and emerging cyber threats in order to increase our knowledge of the tactics, techniques and procedures used by threat actors, and consequently to prevent or pre-empt the occurrence of threats.
We are responsible for the continuous management of the security platforms that deliver A2A-CERT services, in line with the main standards and best practice for the sector, with the purpose of enhancing our security posture.
With a proactive security approach, we work to identify technological and process vulnerabilities within our perimeter, and we undertake to seek out and neutralize potential malicious activity that is not detected by automatic monitoring systems. The final objective of AD is, in fact, to reduce the extent of our attack surface and mitigate the Group’s exposure to cyber risks.
A2A S.p.A. - P.I. 11957540153