Cybersecurity (or information security) is the set of practices, technologies and processes designed to protect computers, networks, devices, systems and data from attack, damage or unauthorized access. The main objective of cybersecurity is to ensure the confidentiality, integrity and availability of information and digital assets. These activities are carried out by personnel assigned to perform these activities:
Job profiles related to information security - Knowledge, skill and competence requirements
Professional figures working in cybersecurity of public and private organizations
-
The Cybersecurity Contact Person (Lg. 90/2024) works at the operational level for the organization with technical autonomy in carrying out assigned tasks, managing the implementation of Cybersecurity and also interfacing with the management level and the internal supply chain, consistent with assigned tasks and activities, and has a key role in ensuring that organizations take appropriate protection and preparedness measures to deal with cyber threats
-
The Cybersecurity Manager operates at a tactical-strategic level for the organization with autonomy and responsibility in carrying out tasks and in some cases may temporarily replace the Cybersecurity Contact Person
Competency certification operated by a certification body that follows the rules of accreditation provides certainty and assurance of the best competency in the relevant market.
Information Security (UNI 11621-4)
The standard defines third-generation professional profiles related to information security using the principles specified in UNI 11621-1 "Methodology for the construction of professional profiles based on the e-CF system." The professional working in information security performs a wide range of activities having a cross-cutting nature with respect to other business processes, contributing to the management or verification of a more or less extensive set of significant information processes or systems.
The Standard identifies nine professional profiles:
-
Chief information security officer (CISO)
-
Information security manager
-
Information security process analyst
-
Technical analyst for information security
-
Forensic analyst for ICT incidents
-
Information security process specialist
-
Information security infrastructure specialist
-
Information security application specialist
-
Incident response specialist
For each profile, the Standard defines tasks, competencies, skills and knowledge. With certification, the professional is able to provide greater assurance to his or her clients, gain credibility and access the registers of professionals certified according to the UNI 11697 standard.
Relevant documents
Contact us. Our staff is
available to provide you with all the information you need