Leonardo 27 September 2016
It is in action 24 hours a day, 7 days a week, continuously working to protect crucial Italian and international infrastructure, pinpointing, in real time, possible cyber threats and attacks. You could say it is the modern Superhero, even if many people don’t know of it and its exploits, which are often kept secret for security reasons: but within the cyber world, the Security Operation Centre in Chieti, or SOC, has all the necessary credentials to be very internationally successful within the security sector. This Leonardo centre of excellence, inaugurated in 2014, immediately showed its potential. SOC guarantees a real time level of security, thus is an important referral point for the protection of Italy’s infrastructure.
SOC is located in a restricted area, and in order to guarantee the maximum security levels, the Centre was created in a high protection environment, protecting it from fire, water, electromagnetic fields, dust and other risks, such as intrusion and interference. The cell, where is the Super Computer is located, is an independent and free-standing structure, with fireproof steel panel flooring, ceiling and walls, both internally and externally.
Upon entering the room wherein lies the complex operative centre, you have the feeling that you are going to find yourself subject to the questioning that you often see in films. But the border between reality and fantasy is continuously overlooked by the Super Computer that supports SOC, capable of analysing and summarising the enormous mountain of collected data from the web and permitting the precise location of the perimeters of the threat in question.
Behind every fascinating story and even the most absorbing ones linked to the cyber world, there are two decisive factors that together allow the biggest challenges to be tackled: man, and the “machine” with its technology. The complexity of the security systems means that highly trained specialists are required in either the area of analysis and prevention of possible threats or in the most delicate phase, i.e. that of responding to attacks and prepare disaster recovery strategies. In the operative room there are about 45 analysts, a team of security experts who work daily on the data of thousands of clients, analysing around 13,000 security events, collected and then correlated every second by our system, managing 107 cyber incidents daily on average.
In the heart of SOC, a further specialist team was born, CSIRT (Computer Security Incident Response Team), composed of security experts and certified ethical hackers , who are able to manage the entire security cycle, from the attack to the full recovery of the system's functions.