Annita Larissa Sciacovelli is Professor of International law of the University of Bari Aldo Moro (Italy), she is member of the Advisory Board of the European Union Agency for Cybersecurity ENISA. She is member of the Defense Innovation Office of the Chief of Defense Staff of the Italian Ministry of Defense, and member of the Cyber Security&Warfare Commission, of the Italian Society of studies on intelligence. She is Member of the Advisory Board of the International Institute for Peace, Vienna, (Austria). She teaches international law at University of international studies of Rome – UNINT, Rome, and she has been awarded in Paris as “Professional Woman in Cybersecurity Europe 2023” by CEFCYS – Cercle des Femmes de la CyberSécurité.
Recently, in an exclusive interview with Digital First Magazine, Annita shared her professional trajectory, insights on the three cybersecurity trends to keep an eye on, the best piece of advice she has ever received, future plans, pearls of wisdom, and much more. The following excerpts are taken from the interview.
Hi Annita. Can you share a little bit about yourself and how you got into cybersecurity?
I entered the complex and ever-evolving field of cybersecurity driven by my scientific curiosity. I am particularly interested in understanding the intersection between information technology and law and my job is to apply the best legal tool and best practice for a correct and ethical use of cybersecurity. These solutions are essential for national security and for the protection of business and data in digital. That’s why I studied to become a cybersecurity specialist. I am a hybrid professional, which is exactly what private companies and governments need. I support them to comply with the requirements and obligations imposed by international, regional, and national norms and regulations.
What do you love the most about your current role?
I have a variety of roles that I deeply value. As a member of the Advisory Group for the European Union Agency for Cybersecurity (ENISA), I have a unique opportunity to work on the drafting of the European Union best practice and regulations in the digital market.
In my role as a professor of international law, I teach and work on national and international projects on various cybersecurity-related topics, This includes exploring the cyber social security of smart cities and addressing legal issues related to bio-metric surveillance and the protection of civilian population in cyberwar.
As a cyber legal consultant I support private companies in complying effectively to the legal requirements imposed by the European legislation and regulations.
Additionally, I collaborate with the Italian Scientific and Cyber Police and the Center for High Studies of the Italian Ministry of Defense. In these collaborations, I focus on national security aspects of cybersecurity, applying international law to digital forensics and to the offensive and defensive approach to cyber threats and incidents. For instance, one of my last tasks is to write the section of the new Italian manual of international law on cyberoperations.
What are the three major trends do you foresee in your industry in the next 12 months?
The main future trends in cybersecurity are first the enhancement of regulatory compliance and data privacy measures. Due to the GDPR, and the adoption of similar legislation in other regions, businesses will be under more pressure to comply with data protection laws. This trend is expected to grow because companies will invest in technologies and processes that are needed to ensure compliance and protect consumer data.
The second trend is the increase in AI-Driven Threat Detection and Response. The complexity and volume of cyber threats has made challenging for human analysts to respond effectively. Therefore, AI is becoming a critical tool in the cybersecurity arsenal because AI-driven solutions can analyze vast amounts of data to detect anomalies, identify patterns, and respond to threats quickly and accurately.
The third trend concerns data encryption and anonymization to protect personal information because we need to implement systems to monitor and report compliance with regulatory requirements
What are your thoughts on diversity and inclusion in your field? How important is it to have authentic conversations with leaders, professionals, and change-makers to create more acceptance across the globe?
Diversity and inclusion in cybersecurity are not just ethical imperatives but strategic advantages, they are essential for many reasons.
A diverse team can be a benefit because it helps to enhance problem-solving capabilities, to better understand and address global threats, and to inspire new approaches that might not emerge in a homogeneous group.
About the authentic conversations on cybersecurity with leaders, professionals, and change makers, they are important to build trust among stakeholders which is essential for effective collaboration. These conversations are fundamental to share information and organize a cooperative approach. They can lead to share best practices and coordinate joint initiatives and responses to cyber threats, that are mostly global in nature.
The meaning of leadership can change from one era to the other, how would you define the meaning of leadership today?
In our dynamic and evolving landscape, leadership needs to reflect the present challenges and opportunities.
Modern cybersecurity leaders should have a visionary and strategic thinking to be able to anticipates future threats and opportunities. This means to embrace innovation, such as AI and machine learning, to have a holistic, inclusive approach and to share a culture of security awareness. In few words this approach helps to make cybersecurity a shared responsibility.
In your academic or work career, were there any mentors who have helped you grow along the way? What’s the best piece of advice you have ever received?
It’s hard to mention all the people I’m grateful to for their precious advises and support. I would like to mention my beloved dauthgters and Prof. Gabi Siboni, my tutor during the cybersecurity course at the University of Tel Aviv, who years ago thought me the importance of the holistic approach to cybersecurity. The best piece of advice in my experience is to be focused on my projects, to believe in my dreams and to shine, even in the darkest nights.
What is your secret to striking a work-life balance?
Well, it’s quite hard for me to achieve work-life balance because it is an ongoing process that requires adjustments and adapting to my work, familiar and personal circumstances.
I feel it as a dynamic and personal journey based on personal strategies. Personally, I try to plan carefully my personal activities but most of the times emergencies in my profession prevail over plans. Therefore, I care a lot about being proactive, mindful, and about my physical, mental, and emotional well-being.
What technology are you most looking forward to using more of?
Artificial Intelligence, Machine Learning and blockchain, are the technologies that are significantly enhancing cybersecurity. They are useful tools to respond to the evolving and complex cyber threat landscape. I propose these technologies to be integrate in the threat detection & response.
For instance, blockchain grants security in data sharing, identity verification, and in tamper-proof logging. AI/ML enable accurate and timely detection of sophisticated attacks. Furthermore, the analysis of the trends and historical data, consent AI/ML to predict potential vulnerabilities or attack vectors; this allows the organizations to proactively strengthen their defenses.
Where would you like to be in the next 5 years?
I have many projects, just to cite two: one is to become a high-level governmental consultant at European and international level. The second project is to create a Cyber School in Italy with a holistic approach which proposes the study of computer science, together with psychology, law, philosophy, geopolitics, statistics and business. It would bring unique insights into cybersecurity roles. I would like to develop talents by organizing training programs, boot-camps, and cross-training. Above all, I want to encourage diversity and inclusion and provide scholarships to students who cannot afford to pay tuition.
What advice would you offer others looking to build their career in cybersecurity?
It’s very interesting and challenging to build a career in cybersecurity because of the dynamic and evolving nature of cyber domain.
I would advice to start with a solid education in cybersecurity, computer science, and information technology with a strong holistic approach. Then I would suggest to develop an expertise in digital forensics, cryptography, penetration testing, incident response, ethical hacking, systems administration, security analysis, or threat intelligence because cybersecurity is a broad field with various specializations. But, above all I would recommend a strong focus on interdisciplinary studies, experiences, and soft skills.