Public Key
ZIP (2.03 Kb)
Download
Computer Emergency Readiness Team
Our line of defence against cyber threats
We at A2A pay great attention to the protection of the technological infrastructures that enable us to deliver business services and to the confidentiality, integrity and availability of our information assets, from the increasingly frequent threats that arrive from cyberspace.
For this reason, in order to prevent, counter and neutralize hostile events, we have set up our Computer Emergency Readiness Team, a multi-disciplinary team of cybersecurity experts who are our main reference point for the monitoring, analysis and sharing of information on the cyber threats to which we are exposed.
Security and monitoring
With a holistic approach to security, we implement a system of internal checks of which security operations are an integral part. In the event of identified cyber incidents, our team takes immediate action to contain the threats and ensure that the systems impacted are quickly restored.
We collaborate with national and international organizations, promoting interaction and exchanges of information in the cyber sphere with the common aim of increasing our knowledge and ability to identify threats so as to pre-empt risks and effectively respond to cyber attacks.
Our services, four pillars of security
More specifically, A2A-CERT provides its constituency with services of information security incident management (ISIM), cyber threat intelligence (CTI), security platform management (SPM) and active defence (AD).
Information Security Incident Management (ISIM)
We constantly monitor security events, both those detected automatically by perimeter technologies and those reported by users and external parties, in order to identify incidents and to respond promptly and effectively to contain the impacts and reduce the risk of such incidents happening in future.
Cyber Threat Intelligence (CTI)
We gather and analyse information on known and emerging cyber threats in order to increase our knowledge of the tactics, techniques and procedures used by threat actors, and consequently to prevent or pre-empt the occurrence of threats.
Security Platform Management (SPM)
We are responsible for the continuous management of the security platforms that deliver A2A-CERT services, in line with the main standards and best practice for the sector, with the purpose of enhancing our security posture.
Active Defense (AD)
With a proactive security approach, we work to identify technological and process vulnerabilities within our perimeter, and we undertake to seek out and neutralize potential malicious activity that is not detected by automatic monitoring systems. The final objective of AD is, in fact, to reduce the extent of our attack surface and mitigate the Group’s exposure to cyber risks.
Certifications ans Accreditations
A2A Cert, a member of FIRST – global Forum of Incident Response and Security Teams – since 2022
FIRST is the premier organization and recognized global leader in incident response. Membership in FIRST enables incident response teams to be more effective in responding to security incidents in a reactive and proactive way.
FIRST brings together a variety of cybersecurity incident response teams from government, business, and educational organizations.
It aims to promote cooperation and coordination in incident prevention, a prompt reaction to incidents, and the sharing of information among its members and the community in general.A2A Cert, accredited TF-CSIRT Trusted Introducer since 2022
The Trusted Introducer Service is the trusted backbone of infrastructure services and acts as the clearinghouse for all security and incident response teams.
It lists well-known teams and accredits and certifies teams based on their demonstrated and checked level of maturity.Trusted Introducer is one of the three components at the core of the TF-CSIRT portfolio: Task Force Meetings, TRANSITS and Trusted Introducer.
A2A Cert, ISO 27001 – information security management systems – since 2022
ISO/IEC 27001 is the auditable and certifiable international standard that defines the requirements for an ISMS (Information Security Management System) and is designed to ensure the selection of appropriate and proportionate security controls.
In so doing, it is possible to protect information, and to give confidence to stakeholders, especially to customers.A2A Cert, authorized to use the Carnegie Mellon University mark since 2022
The CERT Division at CARNEGIE MELLON UNIVERSITY is a leader in cybersecurity. It works with government, industry, law enforcement and academia to improve the security and resilience of computer systems and networks. It studies problems that have widespread cybersecurity implications and develops advanced methods and tools to counter sophisticated and large-scale cyber threats.
A2A Cert, established by A2A, protects the company 365 days a year against digital criminals, and monitors both cyber and industrial security threats, reducing the exposure and impact of attacks on the Group's digital and industrial services, applications, and assets.
