- Assessment and Risk Analysis according to recognized standards – ISO27001, National Cybersecurity Framework, NIST, ENISA Guidelines.
- Definition of technical and organizational security initiatives and solutions and drafting of the implementation roadmap
- Construction and monitoring of the Information security/cybersecurity plan and related projects
- Definition of the information security management system and support for ISO27001 certification
- Definition of the Business Continuity Management System and support for ISO22301 certification
- Information and cybersecurity training: definition of the needs and training plans for different company target groups (Management, Operations), preparation of content and supporting materials, course delivery.
- Coordination and execution of Vulnerability Assessment / Penetration Test activities, definition and direction of remediation actions.
- Taking on the role of Chief Information Security Officer
- Consultancy support in the field of information security and cybersecurity: market benchmarking, analysis and comparison of security solutions, application of security by design, support for the preparation of technical specifications, technical and economic evaluation of suppliers’ proposals, monitoring and auditing of the activities performed.