Cybersecurity

Beyond 2025

OTS Company, as a partner of the CS-AWARE-NEXT, represented the project at the international digital technology and innovation exhibition “Beyond”, which took place from 4 to 6 of April 2025 in Athens, Greece.

Beyond fosters the development of innovative technologies and business opportunities, while it aims at creating a hub that promotes collaboration and encourages the exchange of knowledge and ideas. It is a great opportunity for global innovators, researchers, and start-ups to connect. This year, the title of the exhibition was “AI Reality Bites” and focused on artificial intelligence and all the factors that come along as it integrates society. Cybersecurity was also a key theme: there were experts who demonstrated live, discussed in panels and showcased in workshops the importance of it and how a user or an organization can be safer online.

Continue reading

Cybersecurity in Italian Municipalities: A Growing Emergency

In recent years, the digitalization of Public Administration has increasingly exposed the cybersecurity vulnerabilities of Italian municipalities. Hacker attacks are multiplying, targeting public offices and essential services, while institutions struggle to respond with new regulations and protective measures. However, the problems persist, and municipalities often find themselves unprepared in the face of increasingly sophisticated threats.

Rising Concern Over Cybersecurity in Municipalities

According to data from the National Cybersecurity Agency (ACN), in 2024 about 18% of cyberattacks targeted Public Administration, particularly affecting local authorities and healthcare centers. This alarming trend prompted the government to respond with legislative measures and security strategies.

Continue reading

Social engineering - the Jedi mind trick of cyberattacks.

“These aren’t the droids you’re looking for”, “These aren’t the droids we’re looking for” - The iconic exchange between Ben (Obi-Wan Kenobi) and the Stormtroopers in Star Wars episode IV - A New Hope. A scene where our heroes are almost caught in a check-point, but are able to convince the enemy Stormtroopers to let them pass.

And while the cybercriminals haven’t graduated from the Jedi Academy, they can use similar techniques to manipulate you when you least expect it.

Continue reading

Information Society is leading the battle for Cybersecurity

The Ministry of Digital Governance (MDG) in Greece is implementing a set of projects through Information Society for the protection of public bodies against cyberattacks.

Cybersecurity in the public sector is crucial for safeguarding sensitive information, ensuring the integrity of essential services, and maintaining public trust. Government agencies handle vast amounts of personal data and critical infrastructure, making them prime targets for cyberattacks. Effective cybersecurity measures prevent data breaches, protect national security, and ensure the continuity of public services. By investing in robust cybersecurity frameworks, the public sector can mitigate risks, respond effectively to incidents, and uphold the privacy and safety of citizens.

Continue reading

The importance of user role definition and access restrictions

Many of us have seen the cinematic masterpiece called The Lord of the Rings and can recall the scene where Pippin Took touches The Palantír (the glass orb looking thing with the eye of Sauron in it) and thus gave said villain an insight to his mind.

The bad news: Sauron knows everything Pippin knows. The good news: Pippin doesn’t know anything!

At first there is the panic when Gandalf thinks Sauron now knows everything, then there is the calmness of realising the ‘fool of a Took’ knows nothing that Sauron can use. If we compare that to real life: The panic of knowing your systems have been infiltrated, then the calmness of realising that the access is very limited and doesn’t cover any of the important parts of the IT system.

Continue reading

New Cybersecurity Master's Program in Oulu

Cybersecurity is a new study option based on the research excellence in software security at the University of Oulu. The student specialising in cybersecurity will be able to design, develop, test and evaluate systems, software or hardware for security goals in the ever evolving digital landscape​.

As a whole, artificial intelligence and the development of different AI solutions play a role in all four study options. For example, the studies can contribute to various aspects of emerging edge computing and edge AI technologies.

Continue reading

New Cybersecurity Master's Program in Oulu

Cyber security is a new study option based on the research excellence in software security at the University of Oulu. The student specialising in cyber security will be able to design, develop, test and evaluate systems, software or hardware for security goals in the ever evolving digital landscape​.

As a whole, artificial intelligence and the development of different AI solutions play a role in all four study options. For example, the studies can contribute to various aspects of emerging edge computing and edge AI technologies.

Continue reading

CS-AWARE NEXT received support from the Horizon Standardisation Booster

Our project had the opportunity to receive advisory services by the HSbooster.eu that is a European Commission initiative aiming to provide expert services to European projects to help them to increase and valorise project results by contributing to the creation of new or improvement of existing standards.

As presented in the final expert report, ‘the whole HSBooster consultancy process with CS-AWARE NEXT went fluently and there was great support by the team of CS-AWARE NEXT to identify a suitable standardisation strategy for their envisioned project results’. It is also mentioned that ‘the CS-AWARE NEXT project is on a very good track’ and that we ‘have identified a clear and actionable target’ in terms of, amongst others, ‘adding an extension to the OASIS STIX public repository’. There is no doubt that this might potentially ‘pave the way for future standardisation impacts, i.e., the inclusion of the extension in the official STIX OASIS standard’. Standardisation is, as known to all of us that have been involved in one or some other way in such a process, a long shot, but also well worth trying.

Continue reading

Enhancing your security with open-source tools

With cybersecurity gaining increased attention in Italy, it has emerged as the top priority for digital investment among businesses in 2023. Notably, both large enterprises and SMEs recognize the significance of robust cybersecurity measures. Recent data reveals that a staggering 61% of organisations with over 250 employees have chosen to boost their cybersecurity budgets in the past year. Moreover, the Italian cybersecurity market is projected to witness remarkable growth, reaching a value of 1.86 billion euros in 2022, reflecting an exceptional acceleration of +18% compared to the previous year. In this article, we delve into the realm of monitoring and analysis, exploring the potential of open-source solutions to strengthen cybersecurity defences and address the evolving challenges faced by Italian organisations. Fluentd

Continue reading

Cybersecurity – a case for advanced decision models

Advanced attacks demand advanced countermeasures. On a technical level there already is an elevated level of awareness and readiness. That is why in a first wave of attacks criminals usually focus on tricking users into opening up systems for them . While this has now been the rule for at least over a decade, the way in which these attacks are prepared now follow an almost military style approach. With new, highly distributed environments, little protected IoT systems, tools based on AI, and the weakest link in the chain, the human, not being able to invest the needed time and resources in cyber security, the rise in successful cyber-attacks is predictable . While the need for education and training is commonly accepted, the necessary significant shift in countering cyber-attacks from a purely operational to a tactical and strategic level is still an open issue in many organizations. Policy-based reactions to cyber-attacks should have long ago replaced the still prevailing bug-fixing approach to dealing with an intrusion. However, there is some light at the end of the tunnel. Learning from military and business decision making, such long overdue model-based solutions are also finding their way into the field of cyber security. The first highly successful wave of these decision models is shaped by the now legendary OODA Loop , which properly links observations (e.g., OSINT cyber threat intelligence, system monitoring) with an advanced form of classification (called orientation). These two steps, when combined properly, can provide the critical situational awareness needed to make the right decision, on which the actions taken depend. Especially in distributed collaborative environments, which typically characterize the ecosystem of projects like CS-AWARE-NEXT , these models are a welcome game changer. When applied together with well-established cyber defence frameworks such as NIST/CSF , there is an opportunity to thwart even advanced AI-based attacks. Attacks are on the rise and their sophistication is growing, but better situational awareness, advanced military grade decision models and proven cybersecurity frameworks, when applied in an integrated way can equip Security Operations Centres with the necessary tools to successfully shelter the expected oncoming heavy attack storms.

Continue reading