Walter Arrighetti

Cyber Threat Intelligence Expert

Banca d’Italia

 

Areas of Expertise:

Cyber Threat Intelligence, Cyber Security, Security Governance, Security Auditing, Cloud Security, Personal Data Protection, Multimedia Content Protection.

 

Research

WALTER ARRIGHETTI works as a Cyber Threat Intelligence Expert at Bank of Italy’s Computer Emergency Response Team (CERTBI) and earned his M.Eng. and Ph.D. at Sapienza University of Rome. Over time, he matured significant experience, both in the private and public sectors, on Cybersecurity at its broadest meaning: from prevention and tactical-level Incident Response, to Cloud Security, Reliability Engineering, up to strategic-level Cyber Threat Intelligence. From preparing for and leading security Audits on behalf of major film studios, up to Security Governance, standardization and normative drafting. Previously working with the European Commission, Agency for Digital Italy (AgID) and Italian Polygraphic and State Mint (IPZS), he also specialized in the Cyber Resilience of electronic trust services and digital identities (both on the Italian SPID / CIE ecosystem, as well as on EU-wide schemes). He is author of several Science & Technology papers, Security Awareness campaigns and initiatives, technical standards, and international Patents. Walter also regularly lectures for American and Italian Universities.

Sylllabus

Cybersecurity, Cyber Intelligence and Data Privacy
The Triad of Security. Taxonomies derived from Intelligence, Information Security, EU Laws, and Hacking. Principles of Privacy and Data Protection. Security controls: classification and examples. Elements of Cloud Computing and Security. Cyber Threat Intelligence: threat actors, scenarios, tactical/operational/strategic level requirements and deliverables. Situational Awareness. Case Study: The Italian Cybersecurity Strategy and the National Cybersecrity Perimeter. Raising Security Awareness. The Cyber Kill Chain and the Courses of Action: Hacking and Cyber Attack methodologies, step by step. Vulnerabilities Management. Cyber Risk Management. European and Italian legislative frameworks on Cybersecurity and Privacy: GDPR, Cybersecurity Act, Cyber Resilience Act, NIS2 and eIDAS2 Regulations. Examples of outstanding cyber incidents and data breaches. Case Study (cross-related with the Digitization for PA class): Public Key Infrastructure (PKI) for digital signatures.

Digitalization for PA: Case Studies
The European framework on Digital PA. Case Study: the eIDAS/eIDAS2 Regulation on electronic identities and trust services. The Italian framework on Digital PA. Case Study: the Digital Administration Code (CAD), Docs.italia and Forum.italia platforms. Electronic Identities and Identity Proofing. Case Sudy: the Italian digital identity ecosystem (SPID and CIE). Case Study: the European identity schemes and the Digital Identity Wallet. Qualified electronic signatures (qSignature), qualified trust service providers (QTSPs) and Internet security. Case Study: the European Trust List. Case Study (cross-related to the Cybersecurity course): the EU Trust List and validation of qSignatures and certificates. Electronic registered email in Europe. Case Study: the Italian registered email (PEC).