“AI is good for cybersecurity, but let's not forget about our cyber instinct”
We asked Diego Fasano, CEO of Xnoova and member of the Advisory Board of our Cybershield acceleration program, for advice and considerations on how to deal with new cyber challenges
The three main cybersecurity challenges today? The training of trained personnel, the intelligent adoption of AI and the use of PNRR resources according to Diego Fasano, CEO of Xnoova and member of the Advisory Board of the Cybershield acceleration program.
When asked, “Why did you decide to be part of the Cybershield Advisory Board?” Diego Fasano has few uncertainties: “Because 20 years ago I wanted to participate in an acceleration program to support startups just like this.”
Fasano's entrepreneurial journey began in 2000 when he founded his first startup that dealt with cybersecurity. After the exit, he founded a second one collaborating with Italian law enforcement agencies and since 2021 at Xnoova he has been using his experience to develop a “defense” platform for mobile devices.
Cybersecurity on mobile devices is a central theme for the CEO: “Our smartphones are the black box of our lives, protecting it should be an essential objective. Today, the tendency is to simplify operations as much as possible, losing control over device security.
A new approach that in my opinion should be adopted with greater conviction, with the strong hope that the startups of the Cybershield program will consider, is that of Cyber Deception Technology. This is a defense strategy that makes it possible to respond effectively to the most sophisticated cyberattacks, used massively, for example, by Israel. The Cyber Deception Technology, unlike the traditional approach, does not aim to keep the enemy away but to lure him into a trap to study his moves, to win on his own terrain. It's about creating fake environments, with false files that act as baits for malware, so much so as to unmask them.
“To increase cybersecurity, first of all, we need to work on people's awareness, as well as having a specific mindset to approach this world and grasp the importance of certain operations. Today, we cannot ignore having personnel in the company trained to deal with cyber attacks, and progress in knowledge in this sector is fundamental. One way to progress will certainly be to use AI, but we must think of this tool as a way to speed up some steps, without losing sight of the 'cyber instinct' of a person in the flesh. The SOC (Security Operation Center) teams must be able to know AI tools in depth, but some fundamental decisions must remain with people, such as the analysis of alerts and the investigation of some anomalies.”
Finally, the topic of how to exploit the resources that the PNRR allocates to cybersecurity: “Now more than ever it would be important to use them to do research, to develop new technologies in Italy, to encourage the development of research centers coordinated by universities and to really invest in technological sovereignty,” Fasano concludes.
