Under attack? Why cybersecurity starts with the network: Paolo Allegra’s perspective

According to the Head of the Security Operation Center (SOC), cybersecurity must be addressed holistically, combining IT and networking expertise.

Today, antivirus software and application security are no longer enough. Cybersecurity has expanded from a purely IT concern to a core infrastructure challenge. The corporate network has become the primary entry point for cyberattacks and must be protected continuously, 24/7.

This requires advanced IT and network engineering skills that many organizations do not have in-house. As a result, companies increasingly rely on a Security Operation Center (SOC) with strong networking expertise — a true technological insurer of business continuity, corporate reputation and regulatory compliance.

Cybercrime pressure is increasing. Are companies more vulnerable?

According to the 2025 Clusit Report, 37.8% of Italian companies have suffered at least one cyberattack. Phishing, malware, web application attacks and ransomware are among the most common techniques. What is often overlooked is that many attacks do not only target applications — they enter directly through the network.

An unsegmented and unmonitored network enables attackers to move laterally from weak entry points to critical systems such as ERP, CRM and customer databases.

In short: a vulnerable network undermines even well-protected applications.

Why is the corporate network more exposed today than in the past?

Firewalls still play a crucial role, but two major changes have reshaped the threat landscape.

First, modern business models require companies to expose services externally — websites, cloud applications, APIs — making network access unavoidable and therefore something that must be secured, not blocked.
Second, remote work and mobility have turned the corporate network into a distributed ecosystem, accessible anytime, anywhere and from multiple devices.

As a result, cybersecurity must start from the infrastructure and extend to access management for both internal and external users.

What is the new cybersecurity paradigm?

Application security alone is not enough if the network itself is not secure. Infrastructure is a fundamental pillar of cybersecurity.

When properly designed and managed, firewalls, intrusion prevention systems and core networking devices become the first line of defense. A segmented, monitored network makes applications inherently more secure.

Network segmentation, in particular, limits lateral movement — one of the most common techniques used in modern ransomware attacks — by creating digital firebreaks between systems.

Can a SOC effectively address corporate security needs?

Cybersecurity is no longer optional. Threats are constant, SMEs are frequent targets, and regulations such as the NIS 2 Directive have made cybersecurity a governance responsibility.

A SOC provides continuous monitoring, early detection and rapid incident response, helping organizations protect their business and meet regulatory requirements.

What are the benefits of choosing a SOC like Italtel’s?

An effective SOC operates like a true digital immune system, built on three elements that reinforce one another and form the backbone of our security services offering.

The first is Assessment and Network Engineering, the initial phase in which the network is analyzed and secured. It is like having a locksmith come in to reinforce doors and windows: without this phase, any alarm system is useless.

The second is Continuous Surveillance (24/7 monitoring). The network may be solid and well designed, but the “human factor” — such as an employee clicking on the wrong link or unintentionally leaving an external door open — remains unpredictable. Monitoring is essential to detect anomalies, access attempts, and suspicious traffic in real time. It is our advanced intrusion detection system.

The crucial component is Incident Response. When an intrusion is detected, experts intervene immediately: they isolate the issue, restore systems, initiate forensic analysis, and guide the company through regulatory obligations, including notification to the CSIRT where required by law.

It is a comprehensive service: prevention, detection, and response.

What makes Italtel’s SOC unique?

Networking is in our DNA. By combining deep network expertise with IT cybersecurity skills, we deliver a truly holistic approach.

We understand how attackers move because we understand the network — often better than they do.