Major role in Italy for Cyber security expert
Professor Vladimiro Sassone, Head of the Cyber Security Research Group within Electronics and Computer Science (ESC) at the University of Southampton, is to be appointed Chief Scientific Officer for Cloudify NoiPA, a major project of the Italian government aimed at moving the IT administration of the public sector into the cloud.
Professor Sassone will have an explicit mandate for the cyber security aspects of the project, worth in excess of €70m, which is run by Italy’s Ministry of Economy and Finance, under the responsibility of Francesco Paolo Schiavo, the Director of the Ministry’s Department of General Administration.
“I am honoured and excited to be involved in such a large, significant and challenging project, both personally and for the Cyber Security profile of the University of Southampton,” said Professor Sassone.
“Due to the legal requirements of protection of personal data as well as the intrinsic strategic and economic value of the information held in the system, the security challenges for Cloudify NoiPA are very significant,” he continued. “They range from guaranteeing the physical security of the IT infrastructure to verifying the tightness of security protocols involving humans and machines (through formal methods); from the selection of secure end-user technology to the management of vulnerabilities in obsolete external devices; and from the design of role-based data access control to the compliance with GDPR and other privacy/security regulations.
“The collection of security requirements and the adoption of effective security design and engineering which works well with the ultra agile software engineering methodologies used to develop NoiPA are a challenge in itself,” Professor Sassone concluded. “This highlights for me the unhappy state of affairs regarding the engineering of security requirements, which is now the PhD topic of one of our Cyber Security students.”
The University of Southampton plays a leading role in cyber security research and education, undertaking basic and applied cyber security research, and providing core capabilities and leadership in support to University’s broader security activities.
At the core of these activities is the University’s Academic Centre of Excellence for Cyber Security Research in ECS, recognised by the National Cyber Security Centre and the Engineering and Physical Sciences Research Council (EPSRC) as well as the Cyber Security Academy, a partnership between University, Industry and Government, whose objectives span from research and consultancy to outreach, training and knowledge transfer.
Click here to follow further developments via the Cyber Security Southampton blog.