Cybersecurity Expert, Chief Information Security Officer (CISO),
Certified Information Systems Auditor (CISA)

John Giordani

Certified Information Systems Auditor

Cybersecurity Expert


Digital devices and IT are at the center of both our day-to-day work and leisure activities. Information affects many aspects: think of communication, the details of our lives that we share on social networks, and internet searches.

All this forms a unique and detailed package that takes the name of a digital identity. For example, messages that are exchanged every day on some systems do not reside locally on the device but are saved in such a way as to be readable, for example, by the PC. It's cloud technology that saves data on a server and then shows them on demand. Another use of the cloud is to save your files to a non-physical storage to have a copy available from any internet browser. This prevents the loss of data that may result from damage to a hard drive or theft. There are cases of so-called passive security, that section of computer security that cares about unwanted unexpected events. This fascinating branch has a whole set of practices that for example keep servers in an armored, supervised room, in the case of companies handling sensitive databases. Or the proper maintenance of the machines used to handle this data.

What derives from using cloud systems is the need to be careful about the passwords set up and use, and applies to all the services you subscribed to. Social networks, email providers or others. It is advisable to use different access keys for different services and change them frequently, for precaution.

Useful tips

Verify -
the networks you connect to are closed or open Wi-Fi hotspots? Avoiding unsafe connections is the basis for protecting your data over the internet.

Generate -
passwords that are far from personal, non-trivial and complex: avoid birth dates, pet names, or peculiar features that may come to your person.

Be careful -
don't trust emails that ask for credit card credentials or information that is generally not requested via email or chat.

Delete -
periodically visit your website visit history. Deleting your browser cache not only speeds up but also eliminates stored information that may no longer be needed.

Handle -
the permissions of your social networks profiles so that only the information you want to be shared is of public domain. For example, you can limit the consultation of Facebook's diary to friends.

But the field is much broader: IT security is a science that has the object of protecting from attacks or attempts at data theft, or even forgetfulness and unforeseen events that can compromise what we do with digital systems. The so-called passive security concerns all those actions that can be taken to prevent those who do not have permission to access our sensitive information.

The active safety implies, however, the configuration of defenses through software or hardware systems in order to put barriers and limitations to the various attempts put in place by attackers. It can be the installation of a firewall such as regular antivirus use or fingerprint authentication (widespread on the latest generation smartphones and business locations).

Due to the constant evolution of this industry, it is necessary to have a total and always up-to-date approach to the issue: all aspects of IT protection need to be well-chained and function in an integrated way, without creating weak points. The subject is delicate and precisely for this since the dawn of computer science and the introduction of computers and mobile devices in the homes and pockets of each one we have made giant steps. Companies have available not only external threat detection systems but also timely intervention to remedy any annoying situations in terms of data leakage or corruption.

John Giordani
Cybersecurity Expert, Chief Information Security Officer (CISO), and Certified Information Systems Auditor (CISA) ​