In computer science, a log refers to a sequential and chronological record of operations performed by a computer system. Logs can originate from various sources such as a server, application, client, or software. They are stored in specific files called log files and form the basis of…

Log management and PCI-DSS are connected for several reasons. PCI-DSS (Payment Card Industry Data Security Standard) is a set of compliance standards for the protection of consumer payments and financial data. Organizations that handle payment card information are required to comply with…

ISO 27001 (or ISO/IEC 27001) is the primary international standard for information security. It provides guidelines on how to implement an effective Information Security Management System (ISMS). Specifically, the standard highlights the log management as a control tool. But first, an introduction…

The blockchain utilizes the features of a computer network and allows for the unique and secure management and updating of a ledger containing data and information (such as monetary transactions) in an open, shared, and distributed manner without the need for a central controlling and verifying entity. The increasing interest…

The NIS (Directive 2016/1148/EC) is a 2016 European directive that became effective in 2018, aimed at strengthening cybersecurity in certain sectors considered essential for the European Union. Recently, the latest version of the NIS (NIS2) was published by the EU, which will replace the NIS1 and…

While waiting for the complete Clusit report for the whole year 2022, we can read the partial data on the quality of cybersecurity in Italy and around the world for the first half of this year. The situation is not good: the number of attacks continues to grow, although the…

When the “ADS Provision” (27 November 2008, published in the Official Gazette n. 300 of 24 December 2008) was issued a few years ago, there was little consensus because it was considered of little use. The request of the provision was only to track the login, logout, and login attempts…

The AgID minimum measures are a practical reference used to evaluate the current level of security of the Public Administration and provide indications for raising it to a higher standard. The purpose, of course, is to counter the ever-increasing and frequent cyber threats that aim to obtain sensitive data from…

The “System Administrators” provision is one of the fundamental steps for protecting personal data in organizations. It is still in force today, like the GDPR and the minimum measures of AGID, and is of central relevance in log management. The System Administrators provision The System Administrators provision was introduced…