Italo is the first private Italian operator on the high-speed rail network and the first in the world to use the Alstom AGV train, capable of reaching speeds up to 360 km/h. With a strong focus on innovation, comfort, and personalized services, Italo operates in a highly technological and customer-centric environment that requires robust and resilient cybersecurity measures.
Over the past year, the railway sector has experienced a significant evolution in cybersecurity. There has been a marked increase in the adoption of AI and machine learning for real-time threat detection, predictive analytics, and automated incident response. At the same time, governments and regulatory bodies have intensified their focus on sector-specific cybersecurity standards, increasing compliance requirements for operators.
Within the organization, cybersecurity reports directly to the IT department and works closely with other IT functions to ensure that new business initiatives integrate appropriate security measures from the outset.
However, growing digitalization, the introduction of new services for end customers, and the expanding use of AI technologies have created new challenges. Managing these technologies securely and raising awareness around their responsible use have become strategic priorities. Additionally, there has been a shift in mindset: cybersecurity is no longer seen as a static perimeter defense based solely on implemented technologies, but as a continuously evolving process requiring skilled professionals and adaptive strategies.
To strengthen its security posture, Italo launched a tender for SOC services, including the monitoring and management of corporate perimeter protection platforms. The collaboration with NEVERHACK began following this tender process.
What distinguished NEVERHACK was not only the technical proposal but the presentation of an evolutionary roadmap specifically tailored to Italo’s business context. This roadmap demonstrated a strong customer-centric approach and a long-term vision that aligned with the company’s strategic objectives.
The partnership has extended beyond basic service delivery. NEVERHACK has provided support ranging from technical solution scouting to assistance with internal processes. Together, the teams have worked on reviewing and improving network segmentation and segregation within the primary data center. Enhanced security measures were introduced through the implementation of Next-Generation Firewall (NGFW) controls, while also optimizing and improving network flow efficiency.
Through ongoing collaboration, joint procedures have been developed to address key security aspects, fostering synergy between external experts and internal teams. This cooperation has enabled continuous improvement of existing solutions and the development of new methodological approaches to managing security incidents.
Since the partnership began, Italo has achieved greater effectiveness and efficiency across the managed security areas. The infrastructure has been strengthened, and with the support of the NOC, technological solutions have been optimized to provide greater visibility and more efficient configuration management.
The review of data center network segmentation and the implementation of NGFW controls have significantly improved both security and operational performance. The organization now benefits from enhanced monitoring, better incident management procedures, and a more proactive security approach.
Most importantly, the perspective on cybersecurity has evolved. What was once perceived as a matter of deploying sufficient perimeter technologies is now understood as an ongoing process that depends on continuous evolution, skilled professionals, and strong collaboration. This shift has positioned cybersecurity as a strategic asset within the company, with external partners like NEVERHACK playing an increasingly critical role in supporting future growth and resilience.
With Neverhack’s support, we were able to review the segmentation and segregation of the network in the primary data center, adopting improved security measures by implementing NGFW controls and optimizing and improving network flow efficiency.
Pierpaolo Romano
Information Technology Responsable Cyber Security – ITALO
