ADUE’s commitment to Cyber Security

ADUE S.p.A., in order to counter cyber threats, while guaranteeing operational continuity and data security, has developed effective corporate IT security policies.

A cyber team, within ADUE, is dedicated to implementing technical activities and organisational measures and monitoring the security and compliance level of both the company’s IT infrastructure and the industrial systems supplied to its customers.

ADUE’s strategy towards Total Safety is based on three fundamental pillars:

• Technological Investments that integrate innovative solutions such as artificial intelligence and machine learning to predict and prevent cyber attacks in real time.
• Staff Training to increase awareness of cyber risks and ensure safe practices in the use of IT tools and digital technologies.
• Adherence to existing Industry Cyber Security Regulations and Standards. The company actively participates in technological evolution by implementing the New EU Machinery Regulation 2023/1230.

The main ways of implementing the ADUE strategy are:

• Vulnerability Analysis: ADUE carries out regular audits of industrial systems to identify and mitigate potential weaknesses. For optimal management, ADUE divides the industrial networks of its systems into “Zones”, defining the “Security Level Target” for each of them, calculated based on the risk assessment. From the point of view of its IT Infrastructure, ADUE systematically undergoes systemic vulnerability analyses and Internal and external VATP “Penetration Tests” and security audits of its wireless networks.
• Defence Tools: to defend against cyber attacks, ADUE uses a differentiated strategy, including advanced firewalls, intrusion detection systems and advanced encryption protocols to protect sensitive data.But also other measures, such as: the physical separation of networks (OT and IT), using switches programmed to allow specific network traffic; the management of all access to the systems through unique identification of the operator and by implementing an action log system; the delimitation of physical access to the area, disabling all unused network ports.
• Analysis of Specific Case Studies: through the analysis of specific case studies, ADUE verifies the effectiveness of its security strategies, establishing a “Disaster Recovery Plan” procedure to restore normal operations in the shortest possible time.