Security testing reuse enhancing active cyber defence in public administration

The pervasive use of new technologies in sensitive contexts (e.g. management of critical infrastructures) is leading nation states to protect the cyber domain through the creation of governmental bodies with this specific responsibility. This requires the definition of specific protocols to manage different attack scenarios, rules, guidelines, and behaviors. Public administrations must follow such protocols to develop an appropriate cyber defence capability. The aim of this paper is to introduce a new high-level framework to improve proactive cyber defence in the current Italian Public Administration. The general objective is to promote the reuse of information coming from security tests in order to optimise local resources while meeting global (national level) normative requirements and cybersecurity good practices. Protocols for different scenarios are described and expected micro-/macro-economic effects are discussed.