The Italian State has decided to protect its critical operators, both public and private, by virtue of the "national cybernetic security". The computer wars fought in cybernetic space indeed represent one of the greatest risks for Western democracies, which often find themselves unprepared, compared to traditional conflicts of a military or commercial nature. For this reason, on 13 November 2019, the text relating to Decree-Law No. 105/2019 was approved. The Law designs the architecture of skills and bureaucracy, the "defence front" of computer wars, both for public and private subjects. The Law even provides that, in the presence of serious and imminent risk to national security related to the vulnerability of networks, systems or services, the Italian President of the Council of Ministers has the power to eliminate the specific risk factor «where necessary and for the time strictly necessary».
[What are the threats that require the "cybernetic security perimeter"? Let's find out in the interview below]
Here are the deadlines provided by the Converted Decree, the competent Ministries, other responsible agencies and relative penalties. Let's understand who will be included in the security perimeter and according to which criteria contracts will be stipulated for the supply of goods, services and ICT systems.
4 months after the issuance of Decree-Law 105/2019
" to identify the realities included in the security perimeter, identified by the President of the Council of Ministers.
" to prepare the criteria for the list of networks, information systems and sensitive information services pertaining to the realities concerned - by the Italian DIS (Security Intelligence Department), in collaboration with a representative of the Presidency of the Council of Ministers.
6 months after the issuance of Decree-Law 105/2019
" to forward the above lists - those of public bodies - to the Presidency of the Council of Ministers and private bodies to the MISE (Ministry of Economic Development) - which will be forwarded to the DIS, and also to the Ministry of the Interior's agency for the security and regularity of telecommunications services (deputed by the Ministry of the Interior).
10 months after the issuance of Decree-Law 105/2019
" for the notification by the subjects present in the lists of eventual computer accidents to the CSIR (Interministerial Committee for the Security of the Republic), which will forward them to the DIS. The latter will...