The implementation of the National Recovery and Resilience Plan (PNRR), through which Italy aims to lay the groundwork and restart after the pandemic, has been granted just over €40bn to enhance the nation’s connectivity, enhance education and innovative capabilities, and build greater cyber resilience, particularly among the SME community.
The plan aims to improve the country’s IT accessibility and, at the same time, enable a recovery phase built on the pillars of digitalisation, innovation and security.
Mission 1 of the PNRR (‘Digitalisation, Innovation, Competitiveness, Culture’) has an allocation of €40.73bn. As much as €24.3bn is set aside for the digitalisation, innovation and competitiveness of the production system. Some €6.68bn is channelled towards ‘Tourism and Culture 4.0’, and €9.75bn to IT renovation, enhancement and security in public administration.
The mission aims to improve connectivity throughout the country with the deployment of high-capacity telecommunication networks at an affordable cost for users.
The plan is to support TLC research and development, and the growth of digital technologies in businesses, particularly in SMEs. The goal is also to enhance the digital skills of workers and citizens across all age groups.
The first step taken by government bodies has been to draw the perimeter of national cybersecurity within which the forthcoming projects will be developed.
The Italian government’s action recognises the cyber domain as a key factor in a country’s national security system, which demands a high level of skill. It recognises that, if the next generation of national conflict and terrorism uses the cyberattacks, the country needs to be ready to protect itself.
For this reason, the Italian government has launched two crucial projects to bolster national cybersecurity.
The first was Italian Decree-Law No. 81/2021. This is the implementation step of the National Cybersecurity Perimeter, which defines a regulatory framework for national security and its strategic facilities.
In mid-June, a Decree-Law established the National Cybersecurity Agency (ACN), to set up concrete defence tools against cyber risks and also to boost awareness among private individuals, companies and institutions about this critical and fast-evolving risk.
The National Cybersecurity Perimeter will specifically address private and public operators that perform key and strategic functions for the country or provide a fundamental public interest service. The ACN also expands its catchment area to all information and digital system users.
One of the goals of the agency is to promote a cybersecurity culture, making the manufacturing sectors and the whole of civil society more aware of cyber risks and threats.
If cyberspace is increasingly the breeding ground of potential clashes and attacks on the strategic and production infrastructure of different countries, individual citizens also need to be more aware and play their part, said the government.
The new agency will operate under the responsibility of the president of the Council of Ministers and the Delegated Authority for the Security of the Republic, in coordination with the Security Intelligence System.
The new authority will be the reference point for public and private entities with respect to security measures and inspection activities on national cybersecurity, network and information systems (NIS Directive), as well as electronic communication networks security.
Cybersecurity activity, therefore, will be under the scope of the ACN at all levels. The ACN will provide support for the development of industrial, technological and scientific skills. The agency will promote projects for the innovation and development of the workforce, with the necessary skills to make the country independent in the management of its own strategic security.