Privacy - Digital whistleblowing - Cybersecurity


Consulting and training for the public sector, SMEs and enterprises (including multinationals) in the following areas: privacy, data security, computer crimes, computer forensics and digital investigations, ICT security, risk management, information security management systems in accordance with the ISO 27001 standard, Business Continuity Management (BCM) under ISO 22301, ICT audit, physical security, PCI-DSS (Payment Card Industry Data Security Standard), and whistleblowing procedures. Customers include food industry and manufacturing groups, publishing groups, hospitals and health care facilities, tax collection companies, shipping companies, airports, motorway operators, multi-utilities, business data centers, digital communication companies, storage companies, notaries, lawyers and professional firms, international consulting companies, system integrators, surveillance and biometrics companies, government-owned corporations, companies operating in the field of military defense, and courts.
He serves as Data Protection Officer and as Organismo di Vigilanza (OdV 231) for many organizations.

He specializes in ISO 27001 consulting.

Consulting and training

  1. General Data Protection Regulation (GDPR)
  2. Corporate liability and computer crimes (D.Lgs. 231/2001)
  3. ICT controls and Jobs Act (D.Lgs. 151/2015)
  4. Information Security Management System and standard ISO 27001
  5. Business Continuity Management System and standard ISO 22301
  6. AEO Management System and Risk treatment plan
  7. Whistleblowing Management System
  8. Digital forensics
  9. Cybersecurity Risk Management
  10. IT Audit, Assessment, Advisory and ICT Due diligence
  11. ICT Compliance
  12. Bank-It Compliance
  13. Automotive TISAX (Trusted Information Security Assessment Exchange) Compliance

Articles and scientific contributions

  1. “Linee guida per la predisposizione di procedure in materia di whistleblowing” with Transparency International Italia and DLA Piper, 2016
  2. “Cybersecurity risk management e whistleblowing”, «ICT Security Magazine», Tecna Editrice, 2016
  3. “La normativa italiana in materia di whistleblowing, risk management e best practice per la corretta gestione di un sistema di segnalazione”, «Ciberspazio e Diritto», Mucchi Editore, 2015
  4. “Internet, censura e controllo in Siria e in Arabia Saudita”, «Ciberspazio e Diritto», Mucchi Editore, 2011
  5. “Whistleblowing 2.0. Le soffiate tra opportunità di community etiche e problematiche giuridiche”, «Ciberspazio e Diritto», Mucchi Editore, 2011
  6. “Il regime normativo della data retention nell’ordinamento italiano. Stato attuale e problematiche concrete”, «Ciberspazio e Diritto», Mucchi Editore, 2010
  7. “Deontologia Privacy per avvocati e investigatori privati”, Giuffrè editore, 2009 (co-author)

Research fields

  1. Privacy Law & EU Data Protection
  2. Data Protection Officer
  3. Data Protection Impact Assessment
  4. Data Breach
  5. Video surveillance (CCTV), biometric technology and privacy
  6. Geolocation and privacy
  7. Marketing and privacy
  8. ICT Law
  9. IT Governance
  10. Computer crimes
  11. IT Risk Analysis
  12. Risk Management
  13. IT Frauds
  14. Security Policy
  15. ISO Standards
  16. Information Security
  17. PCI-DSS
  18. Ethical Hacking
  19. OSINT (Open Source Intelligence)
  20. COBIT & ITIL framework
  21. Business Continuity & Disaster Recovery Plan
  22. Computer Ethics
  23. Cryptography and law
  24. Digital Human Rights
  25. Whistleblowing & Data Leaks
  26. Physical Security
  27. On-line crisis management
  28. AEO certification
  29. Corporate Social Responsibility