CyberSecurity Course

Description: The course is designed to provide participants with the skills and knowledge necessary to protect IT/OT infrastructures against digital threats. It covers a wide range of topics, including network security, cryptography, identity and access management, application security, incident response and the use of artificial intelligence to protect systems. It is essential for anyone who wants to protect information and computer systems from the increasingly sophisticated threats of the digital world. Participants will emerge from this course with an in-depth understanding of CyberSecurity concepts and will be prepared to meet the challenges of protecting information in an increasingly connected and digitalized world.

Objectives: The CyberSecurity course aims to achieve the following objectives:
1. Understand the Basic Principles of Cybersecurity: Participants will gain a solid understanding of the fundamental principles of cybersecurity, threats, vulnerabilities and countermeasures;
2. Protect Networks and Information Systems: students will learn network security concepts and be able to define security solutions for infrastructure security;
3. Cryptography Techniques: The course will teach students the basic principles of cryptography to protect sensitive data, both in transit and at rest;
4. Manage Identity and Access: Students will discover how authentication and authorization solutions are implemented to ensure that only authorized users have access to critical systems and resources;
5. Develop and Test Secure Applications: the course will provide the necessary skills to understand the fundamentals of security by design;
6. Monitor and Respond to Incidents: the module will address the issues of preventing and responding to security incidents effectively;
7. The use of artificial intelligence at the service of CyberSecurity: the use of AI in threat identification and automation will be analyzed so as to automate responses and improve the protection of IT systems;
8. Ensure Regulatory Compliance: Students will understand cybersecurity laws and regulations, such as GDPR, NIS, DORA etc.

Introduction to Cybersecurity (3h)
o Definition of Cybersecurity: Protection of computer systems, networks and data from unauthorized access, damage, theft and cyber attacks;
o Fundamental Principles of IT Security:
- Confidentiality: Protection of data from unauthorized access.
- Integrity: Ensuring that data is not altered without authorization.
- Availability: Ensuring that data is available to authorized users when needed.
o Types of Threats: Malware, DDoS attacks, phishing, ransomware, software vulnerabilities, advanced persistent attacks (APT);
o Evolution of Threats: How cyber threats have become more sophisticated over time;
o Threat Detection: Analysis of anomalous behavior, threat monitoring and detection tools;
o Defense Strategies: Implementation of firewalls, antivirus, and security technologies to protect networks and data.

Network Security (3h)
o Secure Network Design: Network segmentation, separation between internal and external networks (DMZ), use of VLANs;
o Firewall: Configuration and management of firewalls to protect networks from unauthorized access and monitor traffic;
o VPN (Virtual Private Network): Creation of secure tunnels for data transmission, traffic encryption and security in remote connections;
o IDS/IPS (Intrusion Detection/Prevention Systems): Systems to monitor and detect intrusions into the network and to prevent attacks;
o Secure Wireless Networks: Protection of Wi-Fi networks with encryption protocols.

Cryptography (3h)
o Basic Concepts of Cryptography: Protection of data through encryption algorithms to guarantee confidentiality and integrity;
o Symmetric Encryption: Use of a single key to encrypt and decrypt data (e.g. AES);
o Asymmetric Cryptography: Use of public and private key pairs for encryption (e.g. RSA, ECC);
o Hashing: Hash functions to guarantee data integrity (e.g. SHA-256);
o Digital Signature Techniques: Guarantee the authenticity of data through digital signature;
o TLS/SSL (Transport Layer Security / Secure Sockets Layer): Protection of Internet communications with traffic encryption;
o Key Management: Cryptographic key management and distribution systems, PKI (Public Key Infrastructure) for identity control.

Identity and Access Management (3h)
o Authentication: Processes to verify the identity of users through passwords, biometrics, and multi-factor authentication (MFA);
o Authorization: Management of access permissions to resources based on the user's role (RBAC - Role-Based Access Control);
o Access Control: Discretionary (DAC), mandatory (MAC) and role-based (RBAC) access control systems;
o Identity and Access Management (IAM): Centralized solutions for managing identities and controlling access to resources;
o Single Sign-On (SSO): Techniques to allow users to access multiple applications with a single login;
o Credential Management: Security in password management practices, use of password managers and strong authentication.

Application Security (3h)
o Software Security Lifecycle (SDLC): Incorporation of security practices throughout all development phases, from design to maintenance;
o Web Application Vulnerabilities: Main vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), Buffer Overflow;
o Code Security: Techniques for writing secure code, input validation, secure session management;
o Penetration Test: Penetration testing techniques to identify vulnerabilities in software;
o Application Security Tools: Use of vulnerability scanners, SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing);
o DevSecOps: Integrating security into the agile development process, automating security into CI/CD pipelines.

Incident Monitoring and Response (3h)
o Security Monitoring: Using tools to continuously monitor networks, systems and applications to detect suspicious activity;
o SIEM (Security Information and Event Management): Tools to collect, analyze and correlate security logs to detect attacks;
o Incident Management: Planning and management of incident response, including preparedness, detection, containment, eradication, recovery and post-incident analysis;
o Forensic Analysis: Techniques for collecting and analyzing digital evidence following a security incident;
o Continuity and Recovery Plans: Definition of business continuity plans (BCP) and disaster recovery (DRP);
o Communication during an Incident: Management of internal and external communication during an attack, involvement of authorities, reputation management.

The use of artificial intelligence at the service of CyberSecurity (3h)
o AI for Threat Detection: Application of machine learning algorithms to analyze network traffic and suspicious behavior in real time;
o Incident Response Automation: AI-based systems to automatically respond to cyber incidents, such as blocking compromised IPs or isolating infected systems;
o Threat Intelligence with AI: Using AI to collect, analyze and correlate threat intelligence from multiple sources;
o Attack Prediction: Application of AI techniques and predictive analysis to anticipate and prevent potential cyber attacks;
o Neural Networks and AI for Security: Use of neural networks to identify anomalies in network behavior and system logs;
o Challenges and Limitations of AI in Cybersecurity: Management of false positives, need for large volumes of data and computational costs.

Compliance and Regulations (3h)
o GDPR (General Data Protection Regulation): European regulation for the protection of personal data, security obligations and responsibilities for organizations;
o PCI-DSS (Payment Card Industry Data Security Standard): Security standard for the protection of payment card data;
o ISO/IEC 27001: International standard for information security management and corporate data protection;
o NIST Cybersecurity Framework: American guidelines for risk management in cybersecurity;
o DORA: European Union regulation which aims to strengthen the digital operational resilience of the financial sector;
o NIS2: European Union directive that strengthens cybersecurity across Europe;
o Compliance and Security Audit: Verification of adherence to regulations and standards, execution of periodic audits to ensure safety.

The course is held by Nicola Sotira, Head of CERT of Poste Italiane. He works in information security and networking, with more than twenty years of experience gained in international environments. He was involved in encryption design and network security in the security area, also working in complex infrastructures like mobile and 3G networks. He has collaborated with several magazines in the computer industry as a journalist, contributing to the dissemination of security topics and their legal and technical aspects. He has been teaching security since 2005 at the Master in Network Security of the Sapienza University and LUISS.