Roberto Baldoni was appointed by the Prime Minister Mario Draghi as director of the National Cybersecurity Agency (Acn). The Council of Ministers has formalized the choice: the professor leaves the deputy directorate of Dis (Department for Information and Security) after four years to take over the reins of the new agency built under the direction of the premier and the undersecretary with responsibility for intelligence Franco Gabrielli .
This completes the governance reform for Italian cybersecurity. The “cyber-intelligence” remains to the secret services. The cyber defense of national infrastructures will instead be contracted out to the agency, which, according to the final text of the decree, will also act as the national center for the European Cybersecurity Competence Center (Eccc), the network of EU centers that will have to manage community funds for digital and cybersecurity.
An acceleration forced by a worrying escalation of hacker attacks, the latest against the Lazio region, of which a collective of cyber-criminals has encrypted the data of the PA’s servers through the Lockbit 2.0 ransomware.
Roman by birth, fifty years old, “Il Professore” and one of the leading authorities on the subject. Studies in information engineering at Inria in Paris, Cornell University and Southampton. Then La Sapienza, with the chair of Distributed Systems at the Faculty of Information Engineering and the direction of the Sapienza Research Center in Cyber intelligence and Information security.
There are dozens of national and international cybersecurity competitions that have seen Baldoni lead the team. Among other things, he was director of the national cyber security laboratory of the Cini consortium and created ItaSec, the annual Italian cybersecurity event that has become over the years a reference point for professionals.
The government’s choice rewards continuity. Since in 2017 the then director general of Dis Alessandro Pansa called him to the deputy directorate Baldoni, he has started an unprecedented job in the intelligence sector, bringing his expertise in cyber defense, hitherto contracted to other institutions (such as the Cnaipc of the Police postal). Accomplices two decrees, by Monti in 2013 and by Gentiloni in 2017, which, under pressure from the EU, have entrusted the management of Italian cybersecurity to the Italian 007. An unprecedented choice that saw the arrival of an “outsider” from the university chair to the top of Dis.
Baldoni’s first contact with the world of fake beards dates back to much earlier. It was 2011 and for the first time the Italian intelligence, with Dis at the time led by Gianni De Gennaro , signed a collaboration agreement, then renewed over the years, with a university, La Sapienza di Luigi Frati .
A choice that was part of the spirit of the great reform of the sector in 2007, law 124, with the aim of opening the world of intelligence to civil society and above all to academia, to move from the “culture of secrecy” to a ” safety culture “.
It was a very young Baldoni then who was identified as a point of contact between the two institutions, he was responsible for the inauguration of the first master’s degree on cybersecurity between Dis and a university. An experiment that has multiplied over the years and today counts many other universities in the field, from Luiss in Rome to Bocconi and the Polytechnic of Milan.
Years later Pansa’s skills in this area and remarkable interpersonal skills convinced him to choose Baldoni as the “cyber-czar” of Dis. In four years in Largo Santa Susanna (today Piazza Dante) the professor had a significant task: to work on the construction of the “Perimeter for cybernetic national security”, introduced by the Conte-bis government in its early days. A network of control centers (Cvcn) which will have the objective of screening the technological equipment in all sensitive orders, including those of the public administration.
The pandemic has inevitably slowed down the work, but the goal is now near. Two out of four Dpcm have been published in the Official Journal, and by the beginning of 2022 the perimeter will be fully operational. Meanwhile, it has already collected two significant endorsements: one from the EU Nis Cooperation Group, the other from the US State Department, which asks Italy and its allies to raise the bar to keep Chinese companies like Huawei and Zte.
The decision to move cyber-defense outside the intelligence perimeter with a separate agency, moreover in line with the experience of other European countries, such as France and Germany, responds to a need felt by the sector for some time. That of going back to doing what is up to intelligence, that is, the “operations”, and putting order between the respective competences. Baldoni at the agency will continue to be the “architect” of the cyber perimeter. He will have a four-year term, extendable for another four, and will report directly to the delegated authority and to the premier.
