Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Author: Marcello Filacchioni

Marcello Filacchioni

ICT CISO and Cyber Security Manager with over twenty years of experience in the public and private sectors, he has led IT security projects for leading companies. Specialising in risk management, governance and digital transformation, he has collaborated with international vendors and innovative start-ups, contributing to the introduction of advanced cybersecurity solutions. He holds numerous certifications (CISM, CRISC, CISA, PMP, ITIL, CEH, Cisco, Microsoft, VMware) and teaches pro bono in the field of cyber security, combining his passion for technological innovation with his commitment to spreading the culture of digital security.

LinkedIn Profile
Areas of Expertise: Cyber Security Strategy & Governance, Vulnerability Management & Security Operations.

Current Positions

  • CISO & Head of Cybersecurity – BSG: Responsible for defining security strategy, risk management, and compliance; leading cyber operations; and supporting the business through an integrated approach that combines governance, technology, and people.
  • Pro Bono Lecturer and Public Educator

Core Competencies

  • Cyber Security Governance & Strategy: roadmap definition, security models, GRC, CISO advisory
  • Risk Management & Compliance: ISO/IEC 27001, NIS2, DORA, GDPR, NIST; audits and remediation
  • Certifications: CISM, CRISC, CISA, PMP, ITIL, CEH, Cisco, Microsoft, VMware
  • Security Operations: SOC, incident response, threat detection, vulnerability and patch management
  • Leadership & People Management: multidisciplinary team leadership, mentoring, skills development
  • Business & Stakeholder Management: pre-sales, RFPs, budgeting, KPIs, C-level engagement

Initiatives and Contributions

  • Red Hot Cyber: Author of articles published on Red Hot Cyber.
  • Collaborations: Strategic, executive, and operational support to private companies, public administrations, and startups in the design, implementation, and governance of integrated cybersecurity and risk management programs. Activities include security posture assessment, cyber and operational risk management, compliance with international regulations and standards (e.g., ISO/IEC 27001, NIS2, NIST Framework, DORA), governance model design, protection of critical assets and sensitive data, strengthening organizational resilience, coordination with internal and external stakeholders, and support for executive decision-making and oversight bodies, including in digital transformation and technological innovation contexts.

Professional Vision

Cybersecurity is a strategic business enabler and a core component of modern organizational governance. His vision as a CISO is centered on embedding cybersecurity into corporate decision-making, transforming cyber risk from a purely technical concern into a driver of resilience, operational continuity, and sustainable growth. He promotes a structured, measurable, and sustainable approach to risk management based on effective governance models, compliance with international standards and regulations, protection of critical assets, and the conscious adoption of technological innovation. In his model, the CISO’s role is to guide organizations in building secure and resilient digital ecosystems, while fostering a strong security culture, stakeholder dialogue, and a long-term vision capable of anticipating emerging threats and supporting responsible digital transformation.

Web Resources

Number of articles found: 12

When Malware Hides in Videos! The PixelCode Technique Breaks the Rules

PixelCode began as a research project exploring a hidden technique for storing binary data within images or videos. Instead of leaving a plaintext executable, the file is converted into...

NoName057(16) hits Italy 487 times in the last 3 months: the DDoS wave does not stop

Italy has confirmed itself as one of the main targets of the DDoS attack campaign carried out by the hacktivist group NoName057(16). According to what was declared directly by...

Uncovering Russia’s Cyber Operations: CISM’s Role in DDoS Attacks

What we wrote in the article "Patriotic Code: from DDoSia and NoName057(16) to CISM, the algorithm that shapes youth for Putin" on Red Hot Cyber on July 23rd...

Beyond the Screen: The Postal Police Event for a Healthy Life Beyond Social Media

The Red Hot Cyber Community had the opportunity to participate in "Beyond the Screen," the Postal Police's important initiative for young people on October 2nd, with the aim of...

NIST Towards Post-Quantum Cryptography

NIST, through its National Cybersecurity Center of Excellence (NCCoE), has released the first draft of a new document dedicated to post-quantum cryptography (PQC). Cryptographic algorithms have always...

CrowdStrike: Cybersecurity Enters the Age of AI Agents

At Fal.Con 2025, the annual conference that brings together thousands of cybersecurity experts from around the world, CrowdStrike made one thing clear: cyber defense is entering a new era, that...

Netshacker: Retrogaming and Real Hacking on Commodore 64

In the Commodore 64 gaming landscape, Netshacker stands out as a project that challenges the conventions of modern gaming, taking gamers back to the roots of 1980s home computing. This...

$20 million in zero-day exploits from broker Advanced Security Solutions

Advanced Security Solutions, based in the United Arab Emirates, was founded this month and is offering up to $20 million for zero-day vulnerabilities and exploits that would allow anyone to...

Nike Under Fire! IT Infrastructure Access for Sale from an Initial Access Broker

An Initial Access Broker is selling access to Nike USA servers on a popular underground forum. A recent post on a dark web forum has raised new concerns about the...

Discovering Access Brokers. What are Initial Access Brokers (IaBs) and what do they sell in the underground market?

We've often talked about how ransomware attacks work and how the ransomware as a service (RaaS) pyramid works, which assigns a role to each team of criminal hackers, as seen...