Axitea renews and extends its Ayuto personal security offering
The Italian global security provider enriches its range of services for businesses with new configurations for security…
Redazione Axitea
Axitea is unique not only in the Italian market but also on in the European scene: it manages both the physical and digital security of its customer companies. It is an approach that gives it an incomparable perspective on the state of security, in a general sense, and how the world is changing and becoming more and more digitally connected. We talked about this and more with Marco Bavazzano, CEO of Axitea and the main promoter of the corporate change that led it to also venture into cyber security.
“In our company’s DNA there was the ability to manage the risk of physical intrusion, so it was almost a natural evolution for us to follow the evolution of our customer companies’ risk. As a result of the digital transformation process, they were also becoming increasingly exposed to digital, as well as physical, intrusion risks,” says Bavazzano. “In this sense, we found it natural to develop the necessary skills to continue supporting companies in risk management, which was gradually taking on different and broader nuances and connotations from those of the past.”
“One important thing we didn’t do was simply partner companies in the IT sector, and go for an integrated commercial offer, but instead we developed in-house the necessary skills to support companies also in IT risk management. We expanded the workforce with new hires, because clearly these specialised skills were and are very distinct from those we already had in-house. We also provided ad hoc training for certain professional figures to teach them and develop their knowledge in this new area: our salespeople have always had a high degree of consultancy skills geared towards physical risk, but with the introduction of new cybersecurity services, we needed them to learn a consultancy-based approach to digital risk management. We also created a highly specialised pre-sales structure that supports salespeople in presenting and proposing the offer to customers and prospects.”
“This positioning of ours is unique not only in Italy, but also in Europe, because the transition from physical to digital is difficult; this evolution is quite complex because, like all transformation programmes, it needs a very strong commitment from above, but it is also a problem of culture. Companies that come from the world of physical security generally do not have the culture required to deal with digital issues; we have succeeded because, in bringing in this new human capital, we have also taken in many people from the ICT world and, therefore, the company has undergone a very deep transformation because its culture has been pervaded by digital skills. Axitea has itself become a digital company with processes made very efficient by the use of digital technologies. This internal transformation was very important in order to carry out the transformation of our business model and our offer, and thus be successful; we are unique because it is a much more difficult path and perhaps this is what gives us a competitive advantage. Others may follow us, but it is taking them time to get this far.”
Physical security appears, at least from the outside, to be an area well known and well understood by companies, while cyber security is still an area where awareness and expertise are lacking. But is this really the case from Axitea’s point of view?
“In the area of physical security, there is a fairly widespread awareness of what the risks may be; however, there is an increasing focus on favouring technology-based solutions. Companies have realised that technological solutions in many contexts are more effective than human intervention and, therefore, we find more and more companies perhaps looking to Axitea for the ability to provide them with a video surveillance service based on video analysis algorithms with artificial intelligence rather than an armed ‘guarding’ service. The video surveillance service makes alarm systems very effective because it almost eliminates any false positives. Customers are usually already aware of the risks in the physical environment and understand the value of advanced technologies,” Bavazzano confirms.
“In the area of IT security, the situation is somewhat different. Awareness is growing, but it is not yet adequately developed; however, this is a social issue, it does not only concern companies but, in general, basically our whole society. One of the activities we have been working on from the beginning is making companies more aware of the risks of digital exposure, of having digital assets exposed to threats from the Internet and beyond. Just now companies’ awareness in this area is at a high level because the number of attacks has become so conspicuous, and the media reports on this situation have become so frequent.”
“Many companies still take the view that the problems only affect large companies or specific sectors; in this respect there is a lot of ignorance, because we are all at risk of cyber threats. Trivially, the fact that the conflict between Russia and Ukraine has opened up this cyber component, although this component has not been used massively so far, with attacks by Russia on Ukraine and vice versa, has actually increased the risk level of all companies worldwide. Both nations have worked to weaken the other faction, using cyber weapons that have no territorial limitation, and have therefore started to spread throughout the world, increasing the risk level of all companies.”
“At a time when we are witnessing the digitisation of businesses, for example with the Industry 4.0 programme, which has been very successful in introducing information systems into environments that were perhaps only managed with old generation electronic systems, the physical world has begun to be invaded by IT. It is beginning to realise, following the spread of cyber threats, that this contamination, which has been – and is – desirable for many reasons, starting with increasing the efficiency and production effectiveness of all businesses, nevertheless poses new risks to companies. Awareness is growing, but it is not yet high enough. Suffice it to say that the country is still taking its first steps in defining and implementing a cybersecurity management strategy. We have just recently seen the publication of a decree that contains the principles and guidelines of the strategy for managing cybersecurity in our country, so companies must acquire them and make them their own.”
France established its cybersecurity agency in 2009. Will the foundation of the Italian agency and the allocation of substantial funds through the NRRP change the situation for the better for our country, or will significant changes still have to be made?
“We are definitely going in the right direction, but as you point out we are lagging far behind other countries. The UK had also moved well in advance, in 2005 or 2006 it had already announced allocations in the region of GBP 650 million, while we are still implementing the dictates that came from Europe in 2013. It will take a long time: just a short while ago the strategic plan was released and, as the name says, it is something high-level. The path to an effective implementation of the basic guidelines for the IT security of our companies and essential services for the country is, therefore, still a long one. There is also an issue of digital culture of citizens, so initiatives to increase this level will have to be promoted. We are a country that needs to grow on an issue of fundamental importance for the future, but today we are still immature. The path ahead is signposted and it is certainly the right one, so let’s hope we can travel it as quickly as possible. The resources allocated to this issue are significant, but this decision has only been taken now; hopefully there will be no second thoughts, but I don’t think this will ever happen because it would be too serious.”
“We believe that, unlike the great multiplicity of realities on the market, the role of a security solutions provider is not to suggest that a company buy one product instead of another, because it is not a product that allows us to best handle the topic of cybersecurity. It is a very complex issue to manage and it requires each company to set up processes, organisations and technologies to manage it properly. Clearly, depending on the size of the company, these processes and organisations will have a more or less articulated or streamlined model, but there is certainly no such thing as one product that is better than all of them and that solves all the problems we may have with this predicament. Even though there is a multitude of manufacturers who try to make companies believe exactly that, using well-organised marketing activities: with this product you can keep your data secure, cancel your exposure to risk, be safe from ransomware, etc. This is absolutely not the case.”
“Axitea’s approach is consultative and seeks to tailor the right solution for each company. We don’t go and reinvent the wheel every time, because companies may all look alike and have many similar needs, but each time we opt to ‘tailor-make’ the strategy we will use. We then build a service that is the most appropriate for the risk management of that company, considering the extent of the information system, and the type of services that are used both for customers and internally. We then make a 360-degree assessment of what in jargon is referred to as the company’s security posture, and we support the company with our services in the definition and implementation of those processes, those organisational models that are essential for being able to manage this risk effectively.”
“We address the entire corporate market, focusing mainly on small and medium-sized companies, but we also follow some large companies. It has to be said that very often the security managers of a large company turn to the big players in the market not because they can offer a better service or better advice than ours, but because it protects them with regard to their stakeholders. This, too, is part of a culture that needs to change, because it is the culture that has led to the very serious situations that we know of with the blockage of the information systems in the Lazio Region, many hospitals in the Lombardy Region, and so on. Had things been done well? No, but the company that had been asked to do them was a world leader in its field. It is a wrong culture where there is no ability to take responsibility and there is more of an ability to find a way out of what might be our own problems, rather than solving the company’s problems.”
The Italian global security provider enriches its range of services for businesses with new configurations for security…
The Covid emergency has made organisations more vulnerable to cyber risks. Axitea draws attention to the need…
Healthcare logistics is one of the sectors most targeted by theft. Axitea joins the national association representing…
When Axitea informs its customers that its Security Operations Centre (SOC) uses the Palo Alto Networks’ XSOAR,…