Giustino Fumagalli

From Microprocessors to Security Governance

Expert in Computer Science and graduated in Political Science, Senior Security Manager UNI10459. Certified in: • Business Continuity: Certified Business Continuity Professional - CBCP (DRII - USA) • Information Security: CISM and CRISC (ISACA - USA), Qualified Lead Auditor ISO27001 (BSI - UK) • Risk Management: Lead Risk Manager ISO 31000 (PECB – Canada), MoRf (Axelos – UK) • Project Management: PMP (PMI - USA) and PRINCE2 (APMG - UK). He is author of the legal text “Software protection in the European Union. Patent and copyright” published in 2003, Nyberg ed. (2° edition in 2005). Co-author of Paper “Strategies to improve Critical Infrastructures Robustness against the IEMI threat: Review of Standards and Guidelines on the topic” (CRITIS 2015). I have carried out this profession since 1988, starting as a real-time embedded software designer of satellite systems. Then, I have worked in a multinational corporation as head of software design of Lawful interception service for telecommunications power plants and as a firmware design team leader in the sector of SDH optical transmissions. Through the years and since 2002, I have become a Project Manager consultant on national and European projects on institutional communication security and Civil Protection against terrorist attacks and natural disaster and on service continuity of Critical Infrastructures in general. In brief, my professional experience has gradually led me to leave the Research and Development area and move on to Process Governance, from “micro” to “macro” security aspects of Information Security and organizational and process Business Continuity. Risk Management, critical process Governance and compliance with law and regulations could be said to be my today’s mission but I would rather say that it is my profession and since 2010 I have been a freelancer ranging over many issues, across Energy, Telecommunications and Media, Banking and Finance, Luxury and Public Health