ReLife Group and Cyber Guru: Security awareness serving the circular economy
ReLife Group represents Italian excellence in the circular economy sector, with a unique business model that integrates the entire recycling supply chain. A national leader in the management and valorization of separate waste collections, the Group transforms about 1 million tons of urban and industrial solid waste into new products annually, with a turnover of 400 million euros and a constantly growing team of about 1,000 employees.
The core of ReLife’s activity is structured through four operational divisions:
- ReLife Recycling – handles the collection, transport, sorting, and recycling of recoverable materials in central-northern Italy, transforming waste into secondary solid fuel (SSF) for cement plants to replace fossil coal.
- ReLife Paper Mill – annually transforms 125,000 tons of cellulosic secondary raw materials into cardboard, paperboard, tubes, and other products, producing over 110,000 tons of new materials.
- ReLife Paper Packaging – manages three integrated box factories that produce over 170 million square meters of corrugated cardboard annually, using over 80% recycled paper.
- ReLife Plastic Packaging – transforms over 15,000 tons of granules into 2.5 billion bags with an average recycled plastic content of over 80%, producing 800 different products ranging from food bags to waste collection bags.
In a context of continuous growth and strong digitalization of processes, the Group has paid particular attention to cybersecurity, choosing to invest in staff training through the Cyber Guru platform. We discussed this with Irakli Bano, CISO of ReLife Group, who shared the company’s experience with us.
“Our DNA – explains Bano – is to practice circular economy, transforming waste that has lost its value and bringing it back to the shelf as a finished product. It’s a complex operation where technology plays a crucial role, forcing us to always stay up-to-date on the security front.”
The starting point for building a defense strategy for ReLife was the awareness of human vulnerability.
“Today – says Bano – about 80% of attacks originate from human error. To increase awareness within the company, we sought a platform capable of training staff in a streamlined and continuous manner, forming the right awareness, which we consider the starting point for any type of defense against cybercrime.”
The decision to rely on Cyber Guru matured after a careful evaluation of the various solutions available on the market. “We were particularly convinced by three pillars,” says the company’s CISO. “Awareness, gamification, which worked very well, and the annual rewards that incentivized participation. Another important point that convinced us is Cyber Guru’s guarantee of making everyone capable, in a reasonable time, of recognizing threats and dealing with them. Additionally, the platform offers us the opportunity to evaluate results through monthly simulations.”
The journey, now in its fourth year, has shown significant benefits since the end of the first year. After all, the numbers speak for themselves and testify to the effectiveness of the approach adopted by ReLife. “Initially, we had a 40-50% success rate of phishing attempts,” reveals Bano, “today we reach a 15% click rate without credential entry and a maximum of 5% with credential entry.”
A cultural change at all levels
The most significant change concerns the employees’ attitude towards the continuous and increasingly sophisticated cyber threats. “Before starting the training path, few were truly able to intercept a threat. Fortunately, we never had serious incidents, but I wouldn’t have been surprised if someone had followed through with a fake request to transfer funds from the CEO. Today, I’m sure that risk no longer exists because doubt has become the first element to consider, and attention is much higher, at all levels and for all company roles.”
Moreover, the need for a solid cybersecurity culture is also reinforced by regulatory obligations: “For the new NIS2 regulation, managing waste, we fall into the category of important entities and therefore are obliged to be compliant. But in any case, we are convinced that today it is essential to create a true culture in cyber security. Because, aside from adopting all possible technological measures, which remain a starting point, preparing the human factor is the most effective path. It is useless, in fact, to have armored doors if someone in the company then opens the door wide for the thief who rings the bell.”
Looking to the future, Bano is aware of the challenges that technological evolution brings: “On one hand, AI will help criminals build increasingly sophisticated attacks, but with partners like Cyber Guru, we are confident in managing them, thanks to the validity of the training path that is motivating, stimulating, always updated, and highly usable. Moreover, it has strong impacts on the daily lives of employees who can bring everything they learn in the company to their families and daily lives, building a security core even in their private lives.”
