5 questions to...
Roberto Pignani

Interview with the Cybersecurity Director of Engineering.

Since 2023, Roberto Pignani has been the General Manager of Cybertech, the Engineering Group company that, with over 450 clients, 300 specialists, and a presence in more than 20 countries, stands among the leading players in cybersecurity in Italy and Europe.

Together with his team, he develops the most advanced and effective cybersecurity strategies, ensuring constant monitoring of evolving threats.

Roberto holds a degree in Business Administration from Roma Tre University. Throughout his career, he has led consulting teams in national and international technology-driven companies in the public sector, telecommunications, media, and finance industries. He has managed business and offering development, contract acquisition, delivery activities, as well as people development and P&L management.

In 2017, he joined one of the world’s leading consulting firms, where he worked for the past five years as Managing Director.

1. HOW HAS THE FOCUS ON CYBERSECURITY INCREASED IN RECENT YEARS, AND WHAT FACTORS HAVE MOST CONTRIBUTED TO THIS GROWTH?


In recent years, the growing interest in cybersecurity among companies, both in Italy and across Europe, has been driven by multiple factors. Foremost among them is the exponential increase in cyberattacks, such as ransomware and phishing, along with targeted attacks on critical infrastructures, which have highlighted business vulnerabilities. Every day, there are reports of large companies being hit, with significant economic and reputational consequences.

Another crucial factor is the increasing regulatory awareness. In Europe, the GDPR introduced strict requirements for the protection of personal data, while the NIS2 Directive imposed even more stringent obligations for essential infrastructure. This regulatory pressure has led many companies to strengthen their defense systems.

Additionally, we cannot overlook the accelerating effect that the transition to remote work has had on this transformation. This shift has created new attack surfaces for cybercriminals, making the adoption of advanced security measures indispensable. Today, cybersecurity is recognized as a strategic priority, extending far beyond a traditional IT concern.

2. HOW HAVE INCREASING MOBILITY, CLOUD ADOPTION, AND OT EXPANSION INFLUENCED CYBERSECURITY APPROACHES, SHIFTING FOCUS FROM PERIMETER SECURITY TO DATA SECURITY FOR PEOPLE WHEREVER THEY ARE?


In the past, cybersecurity strategies focused primarily on protecting the corporate perimeter: firewalls, internal network protection systems, and physical access controls were the main defenses. With the rise of remote work, the migration of applications and data to the cloud, and the growing integration between OT and IT, the traditional perimeter has all but disappeared or, rather, has significantly expanded and blurred.

One of the most significant changes has been the shift in focus from protecting only internal corporate assets to protecting data, regardless of location. People now work from anywhere, accessing corporate resources via personal devices and often through unsecured networks. This has forced companies to rethink their defense strategy, adopting models like Zero Trust, which does not assume that an internal connection is secure but instead verifies each access, user, or device before granting authorization.

In parallel, cloud adoption has necessitated new control methodologies. Many companies no longer manage their own physical servers but instead rely on cloud services, which involve shared responsibilities with providers. Protecting data and applications in this distributed environment requires sophisticated approaches, such as advanced encryption and security-as-a-service solutions.

The expansion of OT, such as industrial automation systems, has introduced new vulnerabilities. Once isolated, these systems are now exposed to tangible threats due to their growing integration with IT. Therefore, adopting an integrated security approach is essential to protect the entire organization, from the cloud to production facilities.

3. HOW DOES ENGINEERING HELP COMPANIES ACHIEVE SECURE DIGITAL TRANSFORMATIONS, ENSURING ROBUST DEFENSE AGAINST INCREASINGLY SOPHISTICATED CYBERATTACKS?


Digital transformation offers immense benefits but also exposes organizations to new threats. Our approach is built on three key pillars: technological innovation, strategic consulting, and operational capability.

We provide cutting-edge technological solutions, collaborating with top global security technology providers to develop solutions tailored to our clients' specific needs. Through this approach, we deliver integrated platforms that ensure security across networks, endpoints, applications, and the cloud. Our solutions leverage AI and Machine Learning to detect threats in real time and mitigate risks before they can cause harm.

Our support goes beyond technology implementation; we also review business processes to ensure security throughout the digital transformation journey. In this perspective, we adopt a "cybersecurity by design" approach, embedding security from the earliest stages of transformation. Furthermore, we help companies comply with stringent regulations, such as GDPR and NIS2, ensuring their digital growth aligns with legal requirements.

We operate 24/7 Security Operations Centers (SOCs), continuously monitoring clients' networks and infrastructures to identify potential vulnerabilities and respond promptly to attacks. Through these facilities, we ensure continuous protection and maintain ongoing communication with clients, providing regular security updates and acting swiftly when necessary.

Cybersecurity cannot be entrusted solely to technology; people remain a critical part of defense. Therefore, we offer cyber awareness programs to train company staff, ensuring every employee becomes a strong link in the security chain.

4. HOW CAN THE COMBINED ADOPTION OF CYBERSECURITY TECHNOLOGIES AND SOLUTIONS ENHANCE A COMPANY'S PROTECTION, ESPECIALLY IN CRITICAL SECTORS LIKE MANUFACTURING AND INDUSTRIAL INFRASTRUCTURE?


Consider, for example, the use of Digital Twin technology, a transformative tool for optimizing business processes and cybersecurity, especially in vital sectors like manufacturing and industrial infrastructure. When effectively deployed, this technology can be instrumental in defending against cyber threats.

A major advantage of the Digital Twin is its ability to provide a unified, real-time view of the entire corporate system. With this holistic perspective, companies can simultaneously monitor operational infrastructure and IT systems, quickly identifying vulnerabilities and anomalies before they escalate into actual attacks, thereby enabling more effective security measures.

We also offer the capability to simulate attack scenarios in a virtual environment without impacting real operations. This allows companies to run cyberattack simulations, evaluate the impact of potential threats, and test the effectiveness of countermeasures, improving incident preparedness and bolstering disaster recovery.

Another critical feature of the Digital Twin is the integration of security from the early design stages, which allows companies to take a “cybersecurity by design” approach and minimize vulnerabilities in operational technologies.

The growing integration of OT and IT systems in the industrial sector enhances risk management by allowing critical systems to be virtually replicated, enabling sensitive components to be isolated and protected. In this context, we help companies strengthen their resilience and prevent attacks that could threaten both IT infrastructure and physical security.

5. WHAT ARE THE FUNDAMENTAL ACTIONS COMPANIES SHOULD TAKE IMMEDIATELY AFTER A CYBERATTACK TO ENSURE A RAPID RECOVERY AND STRENGTHEN THEIR CYBER RESILIENCE?


Our mission is to provide strategic and operational support to ensure the security of infrastructures. Whether facing ransomware, phishing, or network intrusions, it is crucial to disconnect affected devices, block compromised accounts, and suspend at-risk services. A swift assessment of the incident's impact is essential, identifying breached data and analyzing the consequences on business operations.

Timely communication with employees, customers, and partners is vital to mitigate reputational risks. After containing the incident, attention should shift to restoring systems, ensuring they are completely free of any remnants of the attack, supported by a robust disaster recovery plan. Conducting a forensic investigation is critical to identify the attack's origin and the vulnerabilities exploited, and to implement corrective measures such as software updates and ongoing cybersecurity training programs for employees.

Finally, reviewing and updating the incident response plan allows companies to optimize their defense strategies to effectively address future cyberattacks.

Roberto Pignani, Cybersecurity Director, Engineering