Snam

Snam leverages Bitsight to enhance compliance with European security regulations.

Snam

Snam must remain compliant with the EU Network Infomation Security Directive, the first EUwide cybersecurity legislation designed to enhance cybersecurity across the region. Snam works to maintain the security of Europe’s energy infrastructure, and has access to extremely sensitive data. It is essential that the organisation maintains a strong security performance in order to protect their critical information.

Snam was interested in acquiring a tool that would allow it to monitor and improve its security performance and effectively communicate the progress to the executive team and the Board. In addition, it needed to identify and reduce the number of botnets in its security infrastructure and monitor the security performance of industry peers and companies involved in its supply chain, assumed to be critical for the business.

Giovanni Signorelli
Cybersecurity Manager, Snam

"One of the best values we see is internal communication. Today our CEO and CSO show our Bitsight Security Rating to Board members and demonstrate our security performance in just one slide, which, for us, is extremely beneficial."

Snam was tasked with centralizing all corporate security for better corporate governanace of cyber risk. As a result, they moved the cybersecurity team under the corporate security department renamed “Global Security & Cyber Defense.” This shift in organisational structure drove the need for holistic continuous monitoring of Snam’s cybersecurity performance across the organisation’s entire global digital footprint.

Bitsight helps organisations take a risk-based and more outcome driven approach to managing the performance of their organisation’s cybersecurity program from a central department. Through broad measurement, continuous monitoring and detailed planning and forecasting - security and risk leaders are using Bitsight for Security Performance Management in their efforts to assess and measurably reduce cyber risk.

Assess performance of current cyber security posture

Allocate limited resources and prioritize security efforts and initiatives

Set achievable security team goals, track and report on progress over time

By leveraging Bitsight, Snam is able to identify and prioritize key areas of risk based on independent and objective data and share that information with its internal IT teams who are working to efficiently remediate security issues.

The organisation is pleased with how easy it is to digest the information in the Bitsight Security Ratings Platform. Giovanni Signorelli, Cybersecurity Manager at Snam, expressed how they “use the platform’s graphics to show our improvements to the Board, because it’s simple and quick to use.”

In addition, Snam uses their Bitsight Security Rating when conducting internal risk analysis assessments and considers Bitsight to be a risk reduction tool across their entire organisation.

Based on their success with Bitsight, Snam wants to take a closer look at their supplier ecosystem in order to control the cyber exposure of their vendors. They have designed a workflow to monitor the rating of their critical vendors and contractors and will begin using Bitsight for Third Party Risk Management by the end of 2019.