TIM is involved both in research and in innovation regarding cyber security and more generally the security of information and networks. Activities carried out in 2019 included the following:
- the development and application of machine learning algorithms and artificial intelligence for the evaluation and prediction of the risk level of potentially dangerous e-mail messages and the automatic classification of malware samples;
- implementation of the responsible disclosure program to collect and manage vulnerability reports on TIM services, products or equipment spontaneously provided by customers, researchers or security experts. The persons filing reports are confident that the vulnerabilities are managed within a guaranteed timeframe and undertake to keep what they discover confidential until the countermeasures can be applied;
- the creation of a forensic analysis laboratory to support the investigation and analysis activities carried out in case of hacking;
- ongoing work on the development of a proprietary threat intelligence platform to support the collection, analysis and consumption of intelligence on new security threats; The relevant issues addressed during the year included: the development of criteria for estimating the level of confidence, reliability and relevance of the information acquired, the upgrading of breach indicators, and the integration of multiple sources;
- participation in the work of the four-year project CONCORDIA (Cyber security cOmpeteNCe fOr Research anD InnovAtion), as part of the European research programme Horizon 2020, and in particular the initiative "Establishing and operating a pilot for a Cybersecurity Competence Network to develop and implement a common Cybersecurity Research & Innovation Roadmap" with a focus on Intelligence platforms, tools and processes;
- overseeing and steering the activities of the GSMA (GSM Association) Fraud and Security Group, as Deputy Chair;
- the collaboration, within the scope and 3GPP SA SECAM, for the definition of the security requirements and test methods on devices for 3GPP standard (SECAM) networks and those for the security of 5G infrastructure;
- participation, within the ETSI, in the work of TC CYBER focused on cyber security and the ETNO field, NSecFC WG (Network and Services Security, Fraud and Cybercrime), and more specifically the CERT TF (Computer Emergency Response Team Task Force);
- the implementation of various scouting activities to identify and assess emerging and/or innovative security solutions including cyber range technologies (environments/platforms for training and education of personnel on cyber security issues and challenges) and cyber deception technologies (technology that tries to deceive hackers by realistically replicating the characteristics and components of company networks and making them believe that they are hacking the company perimeter and have come into possession of sensitive data relating to devices/systems present in the network);
- the implementation of multiple security campaigns testing to assess the level and adequacy of new equipment, instruments, and devices in terms of security.
 Machine learning programs.
 Procedure to report the vulnerabilities of IT systems, leaving the recipient the necessary time to identify and apply the appropriate countermeasures, before disclosing them publicly.
 Threat intelligence platform.
 Expertise in cyber security for research and innovation.
 Establishing and managing a pilot project for a cyber security skills network in order to develop and implement a common roadmap for research and innovation in cyber security.
 Fraud and security.
 The 3rd Generation Partnership Project.
 Security Assurance.
 SECurity Assurance Methodology.
 European Telecommunications Standards Institute.
 European Telecommunications Network Operators’ Association.
 Network and services security, fraud and cybercrime.
 Computer Emergency Response Team Task Force.
 Safety tests