Exprivia IT Solutions is part of Exprivia Group, one of the most important Italian digital technology players, offering comprehensive digital transformation solutions.
An international ICT specialist, Exprivia Group leverages digital technologies to steer the business drivers of change for its customers. Exprivia distinguishes itself for its reliability in managing complex projects through connecting and integrating vertical and horizontal skills. The company is also recognised for its ability to create solutions that are easy to use and to update, as they are based on continuous research and innovation. Exprivia is one of the main players in the digital transformation of businesses, thanks to the wide range of skills and experience developed in over thirty years of working in a wide variety of markets: Banking, Finance & Insurance, Telco & Media, Energy & Utilities, Aerospace & Defense, Manufacturing & Distribution, Healthcare, and Public Sector. Exprivia’s skills range from Artificial Intelligence to Big Data & Analytics, BPO, Cloud, CyberSecurity, Digital Transformation, Digital Twin, IoT, Mobile, and SAP.
Exprivia’s Experience in China
Exprivia IT Solutions (Shanghai) was incorporated in 2014 as a direct investment of its mother company. It is led by Simone Ciampi, General Manager for Asia. In China, Exprivia focuses on representing a technological partner for international business players, as it specialises in IT Infrastructure, Cybersecurity, Cloud Solutions, and ERP/SAP projects. Headquartered in Shanghai, Exprivia provides services nationwide with branches in Suzhou, Guangdong, Beijing, Qingdao, and Hong Kong.
It integrates the expertise of Exprivia Group with European managers and local consultants, ensuring European quality standards, and a wide network of partners. Exprivia IT Solutions has a portfolio of 100+ clients across Asia and a team of 40+ professionals.
Exprivia IT Solutions focuses especially on foreign-invested companies looking for European standards in terms of quality and solutions. Its clients are manufacturing companies operating in China and service providers located in all the main industrial clusters.
As a sign of how important it is for an international company to be well positioned and localised in Asia, Exprivia has recently opened a new branch office in India, offering a consistent service across the most active manufacturing clusters in Asia.
The Importance of Local Support
When Exprivia entered the Chinese market, most international investments where focused on building manufacturing sites or opening new branch offices, without much investment in additional products such as technologies or software. The aim was to be there, quickly and with profit.
International companies in China have changed their approach over the years. While Exprivia in China started as a partner for IT infrastructures, it soon became clear that more and more clients were looking for more advanced support for issues such as ERP rollouts, cloud solutions, and cybersecurity. In a world where all is connected and companies follow a new way of operating, keeping an attentive eye on the most recent technologies is a must for well-managed companies.
Nowadays, smaller investments are not as common. More structured and well localised international companies in China have switched their focus to optimising their operations and maximising their profit. The Covid-19 pandemic itself posed new challenges and highlighted the need to implement tools such as ERP and CRM software.
International companies that invest in ICT and in Industry 4.0 and 5.0 access new opportunities, such as the optimisation of their manufacturing capacity and production costs, a higher efficiency of resource management, better advantages from data collection and analysis.
Exprivia looks exactly at these players, which tend to be the most successful and the most solid in an ever-changing market like China.
Case Study 1: Addressing the Needs of an Italian Manufacturing Company in Suzhou
A classic example of how Exprivia supports traditional manufacturing companies comes from a project delivered for an Italian company with a plant in Suzhou (Jiangsu Province), one of the densest industrial clusters in Eastern China. The client needed support in starting the plant from scratch and a reliable localised partner with a clear understanding of the company’s standards was going to be key.
Exprivia, through a dedicated PM, worked together with the client’s headquarters as well as with the local management. The plant was developed following a familiar path that starts from analysing the plant layout to installing the selected hardware. Exprivia interacted with the general contractor, the construction company and the interior design company to make sure that the ICT needs were considered while building the plant. It then took care of the internet line selection, optimised for both local traffic and international routing. It selected the hardware (networking, servers, CCTV, PCs, parking systems, door locks and attendance systems, etc.) finding the options that matched the client’s needs and market availability.
Case Study 2: ICT Improvements for a European Multinational Company
A further step towards advanced manufacturing is the core of a project for a European multinational company. The tech consulting project involved three main steps: an initial discovery phase to identify the exact needs, the selection of the right partners, and the execution of the project itself under the supervision of a dedicated PM.
Exprivia was mainly in charge of supporting strategic decisions, starting from an assessment “as-is”, to draw a reliable picture of the existing scenario. It then suggested a “to-be” scenario, which became the target of the project: the adoption of special software (Warehouse Management System, Asset management and ERP) and the deployment of new technologies (sensors to reach Industry 4.0 standards as well as AGV for Industry 5.0).
Starting from the client’s plant in China, the project was then replicated across their plants in several Asian countries.
Exprivia’s Cybersecurity Observatory
In an era dominated by digital advancements, the threat landscape for businesses has evolved significantly. Cyberattacks have become more sophisticated, posing serious risks to the integrity, confidentiality, and availability of sensitive data of companies in China.
Companies operating in the PRC face a unique set of challenges, with the government enforcing stringent cybersecurity laws to protect the nation’s digital infrastructure. To navigate this landscape successfully, organisations should align their cybersecurity strategies with compliance requirements outlined in China’s Cybersecurity Law, Data Security Law, and Personal Information Protection Law.
From a compliance perspective, staying informed about the evolving threat landscape is not only a best practice but also a legal obligation under China’s cybersecurity regulatory framework.
China’s Cybersecurity Law
China Cybersecurity Law, implemented in 2017, mandates that network operators take necessary measures to safeguard their networks, systems, and data. This includes the duty to monitor and respond to cybersecurity incidents promptly. Threat intelligence reports can provide crucial information to help organisations understand potential threats, enabling them to enhance their incident response capabilities and fulfil their legal obligations. For example, it is crucial to analyse and secure the supply chain and highlight risks associated with third-party vendors and partners, as well as give evidence of cybersecurity measures.
Data Security Law
The Data Security Law, enacted in 2021, places a strong emphasis on protecting important data and imposes obligations on companies to categorise and classify data, implement security measures, and conduct regular risk assessments. Threat intelligence reports aid in identifying potential threats to sensitive data, allowing organisations to tailor their security measures accordingly. It’s a fact that the great majority of attacks target data: the breach and theft of sensitive information or business data are the most common acts of cybercrime. This proactive approach not only enhances data protection but also aligns with the compliance requirements set forth by the Data Security Law.
Personal Information Protection Law
The Personal Information Protection Law, also enacted in 2021, focuses on the proper handling and protection of personal information. Threat intelligence reports can shed light on the specific tactics threat actors use to compromise personal data. Illegitimate actions include brute force, when an attacker tries all possible combinations to gain access to a system, phishing/social engineering, when people are manipulated to obtain confidential information or perform undesired actions, and malware, when a malicious software damages or compromises systems, networks or data. Malicious software include ransomware, trojans, infostealers, botnets, RATs, among others. By leveraging this intelligence, companies can implement targeted measures to safeguard personal information, ensuring compliance with the law and building trust with their customers.
In today’s dynamic digital landscape, where threats are ever evolving, organisations at all levels require robust and proactive cybersecurity measures. Protecting from cybersecurity involves a set of actions that companies should undertake with the help of a team of experts. Actions include:
- Security Risk Assessment and Analysis: meticulously analyse and assess potential cybersecurity risks and vulnerabilities, providing insights customised to each industry and geographical nuances.
- Penetration Testing and Vulnerability Assessment: engage in simulated cyberattacks to systematically identify and exploit security weaknesses.
- Security Event Monitoring and Incident Response: proactively monitor security events and respond rapidly and effectively to incidents, minimising potential impact and ensuring swift resolution.
- Strategic Guidance: receive expert guidance on enhancing overall cybersecurity posture, aligning security measures with your unique business objectives/
- Security Awareness and Training: elevate cybersecurity awareness through interactive training programs, including engaging gaming experiences and cyber-range exercises.
- Simulated Phishing Exercises: strengthen each organisation’s human firewall by conducting simulated phishing exercises, enhancing resilience against social engineering threats.
- Regulatory Compliance: ensure the organisation complies with relevant cybersecurity regulations and industry standards, reducing legal and regulatory risks.
- Infrastructure Design and Management: designing and managing infrastructure, incorporating both segmentation and micro-segmentation perspectives.
The real competitors are not those who provide better solutions, but the attackers who every day develop techniques and methodologies to compromise the services used by those defending themselves for their benefit.
Over the years, Exprivia has evolved to a team, the Cybersecurity Observatory, which comprises seasoned cybersecurity professionals with a proven track record in delivering effective cybersecurity solutions. Exprivia holds valuable partnerships and certifications with leading technology providers in the industry, ensuring cutting-edge solutions for all clients.
Exprivia, believing in the value of sharing, collects, analyses and makes available data collected on attacks, incidents and privacy violations for the benefit of those working in the world of Cyber Security, from its CyberCrime Observatory that collects data in several countries, including Italy and China. It also issues the Threat CyberSecurity Intelligence Report.
Exprivia, through its Cybersecurity Observatory, stands ready to mitigate the risk of a cyber incident impacting digital assets. Exprivia specialises in protecting sensitive information and fortifying the defences against a multitude of cyber threats. Services are founded on a proprietary threat intelligence framework, specifically tailored to each industry and each geographical location, with a highly flexible delivery model.
Case Study 3: CyberSecurity Project for an Italian Company in Guangdong
An Italian company in Guangdong Province involved Exprivia in a CyberSecurity project with the aim of identify the weaknesses of their system and implement solutions both to safeguard the company from attacks and comply with the existing rules.
The project started from an initial assessment “as-is” which included a questionnaire, and an onsite inspection conducted by Exprivia’s experts. The assessment led to a “to-be” scenario, the target of the project.
To reach the desired scenario, Exprivia performed Penetration and Vulnerability tests on the existing system and finally set up and equipped the company with a SIEM (Security Information and Event Management), a solution that helps organisations detect, analyse, and respond to security threats before they harm business operations.
