The constant evolution of cyber threats calls for advanced cyber security operating models to enable the adequate prevention of and reaction to attacks.
Terna’s Computer Emergency Readiness Team, or TERNA-CERT, is the main point of contact for the collection, analysis and sharing of information on the cyber threats to which our organisation is exposed. In addition to this, TERNA-CERT handles support, training, information and research and development services.
TERNA-CERT consists of a group of IT security experts who work together with the common goal of protecting the security of the Terna Group’s assets — including its information assets — by examining and monitoring the evolving nature of cyber threats, conducting prevention activities, managing IT emergencies, and coordinating response procedures. Our integrated approach allows us to tackle any possible incident through the efficient management of communication and escalation procedures and processes, both internally and externally, and through the effective coordination of response procedures.
We also carry out Cyber Threat Intelligence and Threat-Hunting activities, again with the aim of recognising and proactively pinpointing such threats. In addition, we promote a culture of cybersecurity within the Terna group, by sharing information and practical suggestions to raise the levels of awareness and understanding of the issue among employees (Cyber Security Situational Awareness).
TERNA-CERT is accredited as a Trusted Introducer by TF-CSIRT and has been authorised by Carnegie Mellon University to use the CERT mark. We collaborate with other Italian and international organisations, to promote interaction and information sharing on issues such as new threats, IT attacks, new defence techniques and weaknesses which may be exploited, including through the use of Threat Intelligence and infosharing platforms.
- Incident Management: this includes all operations aimed at restoring normal service as quickly as possible, while continuing to meet service availability and quality requirements. For any event which constitutes a “data breach” of personal data, the CERT assists the Data Controller in cases where it is necessary to notify the Data Protection Authority, in accordance with EU Regulation 2016/679 (GDPR);
- Threat Intelligence: this includes all actions aimed at detecting attacks before they occur by studying the threats that currently exist in a cybernetic context as well as any potential threats;
- Information Sharing: this refers to the open and ongoing collaboration for sharing information with our constituency, similar organisations, and other Italian and international bodies and institutions.