The Computer Security Incident Response Team of the Emilia-Romagna Region (CSIRT-RER) is officially operative.
It’s a structure dedicated to cyber-security established by the Region to support its Constituency of reference – that is the regional agencies and structures and the Bodies that signed the Convenzione per la Community Network in Emilia-Romagna – in preventing, detecting and answering cybersecurity incidents while constantly improving the cybersecurity posture thanks to the adoption of standardized and good common practices.
CSIRT-RER is included in the National Web of CSIRT, which is coordinated by CSIRT Italia inside the Agenzia per la Cybersicurezza Nazionale.
CSIRT-RER is operatively managed by Lepida. Starting from November the 10th 2023, every Body that has signed the CNER Convention can subscribe to CSIRT-RER using a module available on https://www.regione.emilia-romagna.it/csir , which allows to generate and send the subscribed subscription to the CNER Implementation Agreement for Cybersecurity, together with the references for cybersecurity of the Referent identified by the interested Body.
Once the subscription has been sent, the Body will be contacted by the CSIRT for the accreditation, which involves the collection of information necessary to start the provision of services and the compilation of a self-assessment questionnaire, on the basis of which the CSIRT prepares a report on the security posture of the Administration.
To date, there are 25 organizations participating in the CSIRT, including Municipalities, Unions and Healthcare Companies.
The CSIRT immediately offers to the subscribed Bodies free services that were realized thanks to regional and PNRR founds, all regarding training and cyber threat intelligence.
Bodies can use the training modules found on the e-learning regional platform SELF to train staff employed in IT and cybersecurity management managers.
A cyber threat intelligence service will be activated for every Body, allowing them to receive reports and being constantly informed on the vulnerabilities and cyber menaces that could pose risks for themselves (for example, vulnerabilities in the technologies in-use, stolen data or credentials, attack campaigns).
Bodies also have access to information related to events and indicators of compromise (IoC) collected and managed by CSIRT throught its own cyber threat sharing platform.
Recently Regione Emilia-Romagna, supported by Lepida, has obtained new PNRR founds that will be used to power up some CSIRT services. A support service for cyber-crysis management will soon be activated, while other services, both for free or for a fee, are being projected.
Moreover, at the beginning of 2024 a Thematic Community dedicated to the topics of cybersecurity and cloud will be activated, which will also be used as a sharing and collaboration tool between the CSIRT and local authorities.
