- Governance Risk & Compliance: Our GRC activities focus on review of security systems also covering governance aspects, identification of architecture changes and necessary upgrades, advisory Compliance with major international standards and regulations (ISO-IEC, ISA-IEC, NIST, CMMC, etc.), management systems, certification of services and products.
- Cyber Risk Quantification: The activities performed within the context of Cyber Risk Quantification aimed to assess the cyber security level of the company using the most up-to-date industry benchmarks. The activities performed by RINA Cyber aim at assessing the cyber posture of our customers through the use of market-leading tools to assess and quantify the level of cyber risk to which the company is subject (Cyber Risk Quantification). The cyber security level identified is intended to direct and prioritise strategic choices in order to reduce the overall risk to which the company is exposed.
- Cyber Technologies Integration: Provision, installation and configuration of the most suitable technological solution for the attack attempts detection, performing real-time protection and implementing continuous security monitoring, which is important to enable organisations to continuously assess their overall security status.
- Offensive Security Testing: We operate on both traditional IT systems and industrial Operational Technology (OT) systems. Our team tests your resilience to incidents and hacker attacks through perimeter analysis, vulnerability assessments, and the identification of attack vectors. We pinpoint possible entry points and test the exploitability of vulnerabilities to strengthen your defenses against real-world threats. We provide a complete report that highlights our findings and gives you actionable recommendations to improve your security posture.
- HOLOS: HOLOS is the tool developed by RINA Cyber that helps companies and organizations across many business fields to integrate relevant information for measuring and reducing digital risks. Our approach is aimed to support and simplify the decision-making process in order to protect the assets of your company.
- Cyber Risk Assessment: built around our Decision Support System HOLOS, this service provides real-time threat visibility for smarter decisions.
- CISO-as-a-Service: we can provide you with a Chief Information Security Office (CISO) and a multidisciplinary consulting team on demand, without the costs and complexity of hiring in-house.
- Client: Italian Central Bank
- Location: Rome
We are providing comprehensive support to Banca d’Italia in the specialized area of Security Information and Event Management (SIEM) by leveraging Splunk, a market-leading technology in
this domain. Within the framework of Banca d’Italia’s complex IT environment, our SIEM system is designed to efficiently manage an immense data load of 600 GB per day and up to 50,000 events
per second (EPS). The primary objective of this crucial project is the deployment of Splunk Enterprise Security. This is an advanced, analytics-driven SIEM platform engineered to facilitate rapid detection of security threats and enable immediate response measures. The implementation aims to fortify the bank’s cybersecurity infrastructure, thereby ensuring that it can effectively counteract evolving security challenges.
- Client: International Steel Maker
- Location: Emirates
We have supported the Steel Maker in the following areas:
- Conducting an assessment of the security posture for their Operational Technology (OT) plants, industrial architectures, and processes that have already been deployed and enforced. This assessment is aligned with ISA/IEC 62443 requirements and controls
- Identifying key issues and vulnerabilities within the OT processes, as well as areas requiring heightened focus and improvement from an Information Security perspective, in accordance with ISO 27001 standards
- Client: Luxury Yachts player
- Location: Italy
For a prominent player in the luxury yacht market, we have implemented a specialized offering known as HOLOS CTI, a Cyber Threat Intelligence service. This service is meticulously designed to perform an in-depth analysis utilizing Open Source Intelligence (OSINT). The primary objective is to identify and evaluate potential threats and vulnerabilities associated with the organization’s
assets, employees, and stakeholders. In the cybersecurity domain, OSINT serves as a crucial element of ‘Threat Intelligence.’ It involves the collection of data from publicly accessible sources that can shed light on specific targets, such as a company, a domain, or an individual. The ultimate goal is to pinpoint information in the public domain that could pose a risk to the organization’s security posture. This initiative underscores the service’s relevance and applicability, not just in the general corporate landscape, but also in highly specialized sectors like luxury yachts.
