Autori
Busetti, Simone
Scanni, Francesco Maria

Titolo
La notifica degli incidenti nella cybersecurity italiana. Un’analisi sull’efficacia e l’apprendimento post-attacco
Periodico
Rivista italiana di politiche pubbliche
Anno: 2024 - Fascicolo: 1 - Pagina iniziale: 145 - Pagina finale: 170

This article aims to evaluate the effectiveness of the incident notification tool, a key component of post-incident recovery in Italian cybersecurity policy. The article presents a theory-based evaluation using the realist synthesis method to reconstruct the assumptions underlying the tool’s operation and test its implementation. Our results reveal that the tool's effectiveness is based on its dual role as an alerting system and a learning mechanism. However, its performance varies, depending on factors such as the ability of the actors involved and the capacity of the administrations. Recommendations are proposed to improve the design and implementation of the tool, emphasising the need for corrective measures to ensure its effectiveness in both alerting and facilitating post-incident learning.



SICI: 1722-1137(2024)1<145:LNDINC>2.0.ZU;2-Q
Testo completo: https://www.rivisteweb.it/download/article/10.1483/113155
Testo completo alternativo: https://www.rivisteweb.it/doi/10.1483/113155

Esportazione dati in Refworks (solo per utenti abilitati)

Biblioteche ACNP che possiedono il periodico