Defending companies from cyber attacks becomes a more important challenge every day. In this regard, STIM Tech Group, which provides services and solutions in the ICT field by making technological skills available to customers to translate innovation into a real business opportunity, has structured a SOC service that brings into play in-depth skills and an up-to-date, constantly evolving research lab.

Today Stefano Marazzi, CEO of STIM, presents the structure of an increasingly vital service for companies.

How was STIM born and how was the department dedicated to Cyber Security structured?

With a 35-year history, STIM Tech Group is a System Integrator who, thanks to the continuous acquisition of new skills, has strengthened and expanded the solutions offered and the customer portfolio. To meet the growing IT security needs, we have set up a specific Business Unit dedicated to Cyber Security.
The new BU, located at the Milan Via Messina headquarters, is structured with a team of highly qualified experts, including an Internal Competence Center and a modern Research and Development Laboratory (Lab). The investment also concerned the implementation of a Security Operations Center (SOC) operating 24/7, equipped with advanced technologies for monitoring and managing the IT security activities of our customers.

How did the idea of a SOC service at STIM come about?

The idea of creating a SOC service in STIM was born from the dual need of a growing market and to satisfy the request of some of our clients in the financial sector for the protection of the IT infrastructure. The responsibility entrusted to our Chief Information Security Officer (CISO) Alberto Perini, an expert in the creation and management of SOCs, has made it possible to offer a high-quality monitoring and management service for IT security activities, customized according to the needs of our customers.

What is the technological approach of the SOC? What are the services that Stim will focus on?

We have an innovative and holistic approach towards security as a fundamental strategic element for the competitiveness of companies. We combine the skills in Enterprise Network, Physical & Infrastructure Security and IT Managed Services typical of the STIM portfolio, with strategic collaborations with technological partners and the most advanced security technologies to protect the IT (corporate) and OT (industrial) infrastructures of our Clients.
We focus on vertical skills to address emerging challenges in the cybersecurity field.
One of the main focus areas of our SOC is threat intelligence – the ability to gather, analyze and interpret real-time threat intelligence. This allows us to identify and mitigate potential threats in a timely manner, offering a proactive monitoring service.
Furthermore, given the entry into force of the DORA (Defence and Offense Response Action) regulation, our SOC is also focusing on Red Team services, which allow you to carry out attack simulations and penetration tests to evaluate the security of systems and identify any vulnerabilities to be fixed.
We are developing specific expertise for vertical markets such as IoT (Internet of Things) and 5G, which require particularly advanced security solutions due to the unique challenges they present. In this context, our SOC offers targeted services to ensure the protection and security of networks and connected devices, preventing potential attacks and violations.

What role does internal research play in your SOC?

Evolution starts from research, which is why it assumes a fundamental role for us within our SOC. We have established an internal Competence Center which focuses on the research and development of innovative solutions in the field of information security. This allows us to stay ahead of emerging threats and develop advanced defense strategies for our clients.
The exchange of information and collaboration with universities and research institutes allow us to access additional knowledge and resources in the field of information security, as well as facilitate the identification and adoption of new technologies and methodologies.
The development of Proof of Concept (PoC) allows us to evaluate the effectiveness of new security solutions and tools, while the adoption of reverse engineering solutions is the basis for understanding any weaknesses in IT/OT systems.
The research synergy in our SOC allows us to anticipate and address threats more effectively, ensuring proactive protection for our customers. We are also open to the idea of activating spin-offs with universities to promote innovation and the development of customized solutions that meet the specific needs of the market.

What are the main threats you face?

We work hard to protect our customers from malware, phishing attacks, DDoS attacks, system vulnerabilities, data theft, privacy breaches and targeted attacks.
We focus on the timely detection and effective response to potential cyber-attacks, providing a high-quality, tailor-made cyber security service.

What approach do you have on training?

We have a careful approach to human resources; we recognize the importance of continuous training, necessary to learn about new threats and adopt the most effective countermeasures to protect company systems, and at the same time we create an inclusive, collaborative and stimulating work environment.
We offer targeted training opportunities with training organized on an annual calendar and with vertical sessions focused on specific areas of expertise, which meet the dual need to keep the team's skills constantly updated and the growth ambitions of colleagues.
Internal workshops, mentoring and the exchange of best practices promote a culture of continuous learning and collaboration.

How do you see the future of this service?

The evolution of cybercrime has strong impacts on the structure of companies; we look to the future with optimism in a necessary path of evolution and growth characterized by the continuous increase in technological complexity. The future of our SOC service will be increasingly oriented towards the as-a-service model, where the team acts proactively in monitoring the digital environment of our customers; a modern security center that uses logs and SIEM analysis, enriching them with data from endpoints and from the network, evolving towards a model based on a network between on-prem, cloud and cloud-native apps, allowing us to detect previously unknown suspicious activity and ensuring the security of corporate information for our customers.
