Cybersecurity and Privacy: Professor Walter Arrighetti
Born in Rome, Professor Walter Arrighetti is an electronic engineer with a Ph.D. in electromagnetism. He is Lecturer in Cybersecurity at JCU, where he teaches MGT/CS 377 Cybersecurity and Data Privacy Management. He is also a Certified Information Systems Security Professional (CISSP), currently working for the Italian Government and for several media and entertainment companies. He specializes in Information Security, dematerialization/archival ICT technologies, and multimedia processing.
What is Cybersecurity and what are its ramifications today?
Cybersecurity is a catch-all name that actually entails a lot of things. It is often, inappropriately, intended as just one of those – information security, which is establishing a Risk Management framework to protect computers and networks against unauthorized access and any other issues impacting business continuity. In reality, Cybersecurity is also about new threats arising from contemporary communication means and business models, like using mobile devices and applications to operate delicate tasks manipulating more and more sensitive information, relying on services that are dematerialized into the Cloud. Unfortunately, new types of vulnerabilities are exposed, which require different approaches. Many Cybersecurity ramifications may span from the privacy of individual citizens up to complex, global-scale geopolitical matters. Cybersecurity experts are not only, and not necessarily, IT specialists. Mitigation starts with understanding the technologies, but it’s usually more effective when business and governance models are part of the strategy as well.
Tell us about your new course MGT/CS 377 Cybersecurity and Data Privacy Management. What is the most important thing you hope students will get out of the course?
This course is an introduction to the key issues in Cybersecurity Management and Privacy. Students will be provided with fundamental knowledge of personal data protection, as well as confidentiality, integrity, and availability of individuals’ and companies’ sensitive information and valuable assets.
Whatever the students’ interests are, my mission is to increase their awareness on outstanding threats to their digital privacy and the security of their devices first, but also to provide tools so that they can have a better security awareness stance in an organizational environment. This will both ultimately prove effective across their careers (again – whatever those may be) and help them protect their personal data in their daily lives.
You recently gave a talk about technologies used in Film Restoration projects. What does that involve?
Among other things, I’m involved with several international media organizations, like the Society of Motion Picture and Television Engineers (SMPTE) and the Academy of Motion Picture Arts and Sciences (AMPAS), which draft technology standards and best practices, mostly related to computer science. I’ve been recently contributing to two frameworks – the Interoperable Master Format (IMF) and the Academy Color Encoding System (ACES). I think these can be jointly used for cost-containing and technically improving the digital preservation of films that were shot on photochemical (35mm) film. Attending students and professionals seemed very interested. Future-proofing our cultural heritage is very important, and film preservation includes keeping content away from technological obsolescence.
What is technological obsolescence? Well, have ever you searched for a 20-year-old digital photo buried in your grandpa’s hard disk, or inside an old mobile phone, or tried to playback with your tablet a 15-year old family-video stored in a CD?
What does your work as a digital transformation consultant for the Italian Government entail?
The team I work with at the Agency for Digital Italy (AGID) is involved with identification cards that can be provided electronically/digitally to citizens (eIDs), both at the EU level and within Italy, replacing paper IDs and smartcards. We are also involved with the accreditation and the design of user-experience and new features on other services, like electronic signatures and web certificates. Together with eID schemes, those services help to increase the security and trust on websites, digital contracts, money transactions, and the whole internet experience overall.
Please tell us about a challenge you encountered in your professional career. How were you able to overcome it?
Some very interesting security challenges I may think of, unfortunately, cannot really be disclosed. However, a few years ago my company’s clients were requesting us to seamlessly, sustainably and, above all, confidentially deliver lots of very large files to stakeholders around the world – a service that could only be provided by few, bigger companies at that time. As a CTO, it was my job to come up with a solution. So I picked up a commercial product that needed to be purchased, installed on-premises and licensed for its maintenance; I re-engineered it along with the vendor, “sublimating” into the Cloud, without any capital expenses, and with a pay-per-use business model. The service proved to be even more secure than before, it is still being widely commercialized worldwide, with some companies having one employee manage the whole process from his or her mobile phone.