focus

Protecting against cyber-attacks through training. Leonardo presents the Cyber & Security Academy in Genoa

01 April 2022

To promote the culture of security and train in the necessary skills to recognise, understand and confront cyber threats. These are the aims behind the creation of Leonardo’s Cyber & Security Academy, the new advanced training centre set up by the company which will offer Defence, Public Administration, critical infrastructures and companies immersive training courses on the most current security topics.

 

Today in Genoa, Leonardo’s Cyber and Security Academy was introduced in the presence of the company top management and the Director General of the National Cybersecurity Agency, Roberto Baldoni. Among the guests at the event “The knowledge [to] protect”, there were  the President of the Liguria Region, Giovanni Toti, and the Mayor of Genoa, Marco Bucci.

The Academy was founded to spread the culture of security, essential for protecting infrastructures and data from ever increasing and ever more complex threats.

Luciano Carta, Chairman of Leonardo, commented: "Today, more than ever, we are fully understanding the meaning of 'hybrid warfare', a strategy that combines conventional warfare with other actions that cross state borders. These actions include cyber attacks, but also information manipulation and economic warfare: a dangerous mix for the stability of countries and institutions.  If digital innovation permeates our present so deeply that we can say that 'the digital is the real world', securing our data is an absolute necessity".
 

Luciano Carta - Presidente


Leonardo’s intention was to create an advanced training centre to improve the skills of security operators in Italy and Europe and to make cyber security a systemic topic in all organisations.

Leonardo feels the responsibility of playing a strategic role, alongside institutions, in the protection of citizens and territories. For this reason we continue to invest in innovation, and we are now launching a European centre of excellence dedicated to training in the necessary skills to overcome cyber security challenges and support the digital transition”, said Alessandro Profumo, CEO of Leonardo.

Digital twins, virtualisation and cooperation are the technological pillars of the training offering, which comprises standard courses on the most current security topics, customisable courses on specific subject areas, Cyber Exercise and White Phishing activities, and courses for obtaining Pearson VUE certifications.
 

 

Leonardo’s experience in cyber security

The Cyber & Security Academy benefits from Leonardo’s experience in the cyber-physical protection of critical structures in over 150 countries worldwide and in the continuous management of cyber threats. Capabilities built up in various strategic sectors (energy, Public Administration, banking, transport, telecommunications, health) and, in particular, in the Aerospace, Defence and Security sectors through the protection of its assets and technological know-how. With over 100,000 users cyber-protected, Leonardo monitors around 115,000 security events per second and manages over 1,800 cyber alarms every day.

“The Cyber & Security Academy aims to respond to the ever-increasing need for a security culture, in relation to the increased digitalisation of our lives. Thanks to the experience acquired by Leonardo every day in protecting strategic infrastructures, as well as its own technological capital, the Cyber & Security Academy intends to offer the necessary skills and capabilities to face new cyber threats,” said Tommaso Profeta, Managing Director of Leonardo’s Cyber & Security Solutions Division.
 


 

Leonardo can count on the support of over 160 cyber security and intelligence expert analysts, and platforms capable of 500,000 billion operations per second dedicated to monitoring, identifying and analysing cyber threats and to supporting decisions on minimising the impacts of possible attacks. Every year Leonardo’s Global SOC in Chieti monitors over 4.7 million Indicators of Compromise, i.e. digital traces of cyber incidents.

"A workforce with the right skills is functional to the resilience of a country, and at the moment this is a critical factor in Italy: we need people to take care of critical infrastructures, and Leonardo's Cyber & Security Academy will allow us to insert new professionals in the current context," stressed Roberto Baldoni, General Director of the National Cybersecurity Agency.

A European centre of excellence, the Cyber & Security Academy also represents an opportunity for Italy and the Italian training sector, supporting the Leonardo Lab and HPC davinci-1 in the industrial digitalisation hub created by Leonardo in Genoa.
 

CYBER SECURITY: MULTI-DOMAIN PROTECTION 115,000 OPERATIONS PER SECOND PROCESSED FOR CYBER INTELLIGENCE PURPOSES 500,000 bn MORE THAN INDICATORS OF COMPROMISE MONITORED BY THE GLOBAL SOC EVERY YEAR 4,7 mln SECURITY EVENTS MONITORED PER SECOND BY THE GLOBAL SECURITY OPERATION CENTRE (SOC) SECURITY ALARMS HANDLED BY THE GLOBAL SOC EVERY DAY 1,800

The training offering and technologies put forward by Leonardo

The Academy offers a comprehensive catalogue of courses and seminars on technological, regulatory, methodological and process security, which can be attended online or in person at several premises in Italy (the main facility in Genoa, but also Chieti and Rome, as well as at its partners’ premises).

Immersive modular training courses, adapted to the operational context, enable students to consolidate their theoretical and practical skills in prevention, detection and management of cyber-physical security incidents already acquired through university courses, post-graduate Master qualifications and specialised certifications.
 

 

 

An approach that combines technological expertise with enhancement of the “human factor”, which is crucial to increasing risk awareness: recognising the correct information and sharing it with all the parties involved allows conflicts to be resolved more quickly.

The technological heart of the training offering is formed by the proprietary platforms Cyber Range and Cyber Trainer. Designed according to gamification principles (i.e. using mechanisms similar to gaming ones, such as assigning goals and achieving rewards), they apply virtualisation and interoperability to simulate complex immersive operational scenarios in which to put into practice, in groups or individually, the acquired knowledge, through the creation of digital twins of networks, systems and applications to be protected, as well as attack and defence threats and tools. Leonardo’s platforms can support exercises with digital twins of thousands of nodes and hundreds of networks, simulating up to 5 complex scenarios simultaneously, with multiple teams and tens of users per team.
 

PLATFORMS FOR VIRTUALISATION AND IMMERSIVE TRAINING BASED ON SIMULATION OF COMPLEX SCENARIOS OF ATTACK AND DEFENCE TO THE INFRASTRUCTURE OF INSTITUTIONS, COMPANIES AND STRATEGIC SERVICES ABILITY TO CREATE EXERCISES WITH DIGITAL TWINS OF THOUSANDS OF NODES AND HUNDREDS OF NETWORKS UP TO 5 SIMULTANEOUS SIMULATED SCENARIOS, WITH MULTIPLE TEAMS AND TENS OF USERS PER TEAM AND CYBER RANGE & TRAINING: THE TECHNOLOGICAL HEART OF THE CYBER ​​ & SECURITY ACADEMY DIGITAL TWIN COLLABORATION.

Cyber threats in the world

Cyber-attacks have reached an unprecedented global dimension. Their effects are not limited to the web or the computer systems of a company or organisation but have consequences on people’s actual lives which can also be very dangerous, if not devastating.

Cyber threats represent a factor of maximum criticality for national security, and Italy comes third in the world for ransomware attacks. According to the latest report by CLUSIT (Italian Information Security Association), in 2021 there were 2,049 serious IT attacks, nearly 10% more than in 2020.

In its cyber threat intelligence activity, in 2021 Leonardo identified cyber macro threats linked both to eCrime, aimed at financial profit, and to increasing IT intrusions to the detriment of government sectors, defence, aerospace and health, without overlooking energy, telecommunications and the industrial sector. The objectives are very diverse: from the collection and exfiltration of sensitive data and information, to sabotage, and even to compromising strategic infrastructures and defence capabilities of governments and institutions.