Cybersecurity, the Italian « trench » is in Modena: so Certego anticipates hackers attacks in the computer war
In the heart of Emilia, a team of experts supervises 200 Italian companies from digital threats. The challenge? Stop hundreds of hackers every day before they even hit
If today the assaults on banks (data) are not made with physical weapons, but through algorithms and invisible connections, then the guards of this new era are are Cybersecurity professionals. In Modena there is a handful that every day faces hundreds of constantly evolving threats. In their base, on a small skyscraper in the area of Former Acciaierie Ferriere (An intertwining of streets reminiscent of the Modena car glories: via Lamborghini, via Fratelli Maserati, the Enzo Ferrari Museum …), spend their time constantly monitoring data flows between impenetrable codes, lines of defense and sophisticated algorithms, while in front of them, On a large LED wall, the computer attacks follow one another at the rhythm of a second. With an average age of 35, a degree in engineering or computer science and as distinctive sign being a little nerdthese guys for 24 hours a day, 7 days a week, They protect over 200 Italian companies from dozens of IT attacks, coming from every corner of the earth.
Certego, a reality of 6.5 million euros
There Certegoone of the most advanced Italian realities in digital defense, was founded in 2013 right here, in the heart of Emilia, by Bernardino Grignaffini Gregorio. A company from 6.5 million euros of turnoverwhich is at the same time software house, intelligence center and investigative team, capable of analyzing, identifying and neutralizing invisible but potentially devastating threats. In a country, Italy, where 98% of companies are SMEs and where it is often thought that « suffice the antivirus »Certego has chosen a radical approach: to build everything at home, from the technological platform to the response models, for have total data control and guarantee security « made in Italy ». Global cyberc crime is worth over 9,500 billion dollars, according to Cybersecurity Ventures, and alone the 200 companies protected by Certego receive over 200 thousand suspicious signals of attempts. But « defending is not enough, » he explains to Courier Grignaffini. «Today we must know how the enemy attacks, recognize the language with which he moves in the network and anticipate his moves. Only in this way can we really protect our customers ».
Grignaffinihow did the idea of founding Certego come to you?
In 2013 the companies focused everything on prevention: firewall, antivirus, barriers around the systems. But they continued to be attacked. The idea was born from this: to build a reality capable not only of preventing, but of detecting and responding to attacks. We wanted to specialize in Detection and Response, with an approach inspired by the Cert (Computer Emergency Response Team), from which the name Certego is also born. We started in 4 or 5 people, today we are about 50.
How are you structured?
Half of those who work in Certego are made up of developers, the other half of analysts. The former build and improve our platform; The latter investigate each alarm, classify the risks and intervene to neutralize threats. We are active 24 hours a day because the crime never sleeps and we also have staff abroad, to cover the time zones. Then, we collaborate with the University of Modena and Reggio Emilia, partner in the creation of the first Italian Cyber Academy. We also work with the University of Bologna and participate in international projects such as Google Summer of Code. Among our objectives there is also the formation of the new generations of experts.
What kind of skills do they need to work with you?
It is needed IT skills, of course, but also intuition, sensitivity, curiosity. We are always looking for varied profiles, even with background in criminology, economics, law. Ours is a job that requires analysis and variety of approach. For this reason we enhance diversity, even of gender and cultural.
In what are you differentiated from the competition?
The main difference is that we internally develop the technologies we use. While many companies are based on third -party Saas software, often American or Israelis, we have built an entirely Italian proprietary platform. This gives us total control over the data and allows us to offer a more personalized service. Thanks to the internal development of technologies we can analyze in detail the techniques of the attackers and codify them directly in our platforms. This has led us to develop and also share an open source platform for intelligence, which is now also used internationally: we are the only Italian reality to do it.
How important is the location of data today?
A lot. Although formally the data can be hosted in Europe, if the platform is American there are risks related to extraterritorial laws. We guarantee that the data remain under Italian control, managed by Italian technologies and this makes a huge difference in terms of privacy and security.
Who are your customers?
We work with about 200 Italian companies of all kinds: from small realities with a few hundred employees to large banks and insurance with tens of thousands of people. Each customer has specific needs, so we opted for a « Taylor Made » approach.
Two hundred thousand attempts of attacks every year at only 200 companies are many …
On average, each company our customer undergoes no less than 100 attacks per year. Overall, we manage between 180 and 200,000 annual alarms and about 15-20,000 of these represent potentially serious attacks, which we neutralize before they become harmful.
What are the most common attacks?
The vast majority are opportunistic attacks, not targeted. The criminals « shoot in the pile » looking for the easiest vulnerabilities. Only a small part is made up of targeted attacks, often with ideological or political motivations. In Italy the impact is very heavy: the Clusit, the Italian association for IT security, has estimated a 26% increase in attacks between 2023 and 2024. It is a constant growth sector.
Is Italy more vulnerable than other European countries?
Yes. Italy has a productive fabric made above all of small and medium -sized enterprises, often not very prepared from the point of view of IT security. A figure dedicated to cybersecurity is missing, and too many still think that it is enough an antivirus.
Is it just a problem of resources or even cultural?
It is above all cultural. The countries of northern Europe, for example, have a greater awareness of the risk. Computer security must not be considered simply as a technological theme: it has now become a business problem that must also involve the leadership of companies. We need a multidisciplinary approach. In Italy we tend to think « it will not happen to me »; In reality, today, the point is no longer if you come attached, but when.
Is it possible to do an identikit of the cybercriminal?
Most IT criminals act for economic reasons. We no longer speak only of the « computer genius » from films: today there are entire economies of cybercrime, where attack tools are bought or renting, such as the « ransomware-as-a-service ». There are groups specialized in everything: from malware writing to social engineering, to money laundering.
