The presentation of the Cybersecurity Observatory with focus on the European NIS2 directive took place this morning, Monday 16 December, in the Press Room of the Chamber of Deputies. The initiative was promoted by ANGI – National Association of Young Innovators in collaboration with Tinexta Cyber with the high patronage of the Offices of the European Parliament in Italy and of Assintel Confcommercio.
The NIS2 Directive, recently implemented in Italy with Legislative Decree 138/2024, marks a milestone in the construction of a safer and more resilient European system. The regulation is not only a mandatory task to be respected, but an opportunity for companies to rethink their vision of security and operational continuity, in a rapidly changing world. The heart of NIS2 is the concept of “digital resilience”, a value that must permeate all company activities. The directive requires organizations to adopt adequate security measures, manage risks systematically and promote a culture of cybersecurity at all levels. Businesses, whether they operate in critical industries or are part of critical supply chains, are challenged to invest in protection that not only defends against attacks, but allows them to react and adapt promptly and proactively to new threats .
It is not simply a matter of adapting to a set of rules, but of undertaking a path of maturation and awareness.
“This Tinexta Cyber analysis represents an essential starting point for understanding the state of preparation of Italian companies in the face of the challenges of the Nis2 directive. And today’s meeting is a unique opportunity for a direct discussion between companies, institutions and politics, fundamental for guiding future actions on cybersecurity. A crucial step to create an ecosystem capable of protecting data and guaranteeing the operational continuity of the country system. Only a shared approach will be able to strengthen our digital sovereignty and guarantee real resilience.” – Andrea Monti, General Director of Tinexta Cyber.
“Cyber threats have evolved, moving away from organized crime towards an increasingly tense geopolitical context. The real paradigm shift brought by Nis2 is the concept of resilience: not only protection, but also the ability to maintain operational continuity in complex scenarios. Our goal must be to reduce risk where possible and transform residual risk into resilience, adopting an approach that allows companies to react quickly and maintain security even in unpredictable contexts. The transfer of military best practices to the business context represents a fundamental strategy to face current and future challenges.” – Pierguido Iezzi, Strategic Business Director of Tinexta Cyber.
But what is the level of maturity of companies in the face of this change? According to the analysis conducted by Tinexta Cyber on Italian companies, the average level of compliance is still far from full compliance, with only 61% of companies having undertaken a structured path towards NIS2. In particular, key areas such as risk management and staff training are still lacking, highlighting a critical gap in companies’ preparedness to meet regulatory challenges. The reflection that emerges from this analysis is clear: compliance is not just a question of sanctions or bureaucratic obligations, but a strategic lever for strengthening competitiveness. Adopting a structured approach to security means not only protecting your assets, but also demonstrating responsible risk management to customers, partners and institutions. In a landscape where trust is a fundamental value, being compliant with NIS2 is not just a legal matter, but a declaration of intent towards a safer and more transparent future. This process of adaptation to NIS2 must involve every level of the company, starting from the top. The board of directors (BoD) is called to play an active role in the management of IT risks, assuming direct responsibility in defining security strategies. The growing complexity of threats and the continuous evolution of business models require an integrated vision of security that must start from top management, involving all company functions, from governance to operational management.
The main themes covered by the conference, in addition to the presentation of the Observatory data, were the perspectives and actions on the world of innovation, defense and security between businesses and public administration. Among the authorities present: the Hon. Alessandro Giglio Vigna President of the European Affairs Commission of the Chamber of Deputies; the Hon. Marco Pellegrini Defense Commission and Member of COPASIR – Parliamentary Committee for the Security of the Republic; Francesco Tufarelli Director General Presidency of the Council of Ministers; Giovanni Ponti Head of ICT & Cybersecurity ENEA Agency; General Domenico Rossi, former Deputy Chief of Staff of the Army and Undersecretary of State at the Ministry of Defence.
“I thank ANGI for this great initiative and I was pleased to have hosted and promoted this event in the Chamber of Deputies, the XIV Permanent Commission, which today sees me as president, has dealt with the topic of Cybersecurity both in the ascending and descending phases. The topic of Cybersecurity is increasingly important, today we can define it as one of the strategic assets of our country. Once again the objective is to network with other countries in the Western world in order to build an increasingly stronger and more important digital defensive wall to protect ourselves from cyber attacks and to defeat phenomena of cyber terrorism that could occur, therefore, it is right that our country teams up not only with the European Union and its member countries but also with Great Britain, with the neighboring countries, with the Transatlantic world such as Canada and the United States, with Japan, with Israel, with Taiwan and with all those countries that fall within the great family of Democracies, with the so-called free world, i.e. the West”. So theHon. Alessandro Giglio Vigna President of the European Affairs Commission of the Chamber of Deputies.
“First of all, congratulations to ANGI and all its representatives for what you are doing on the issue of cybersecurity in Italy. It is a truly central aspect and we should do our utmost to increase both sensitivity on the topic and prepare all the precautions and regulatory provisions in order to allow the highest possible defense against potential cyber attacks. However, I would like to say that in this sector, if all the necessary investments are not made, as I believe the situation requires at the moment, significant progress will not be made. My hope is that all the political forces that make up the current government majority become aware of the seriousness of the problem and therefore understand that only with investments in infrastructure and technologies can significant steps forward be made, if we do not do the repercussions will be negative for citizens, businesses and institutions”. So there‘Hon. Marco Pellegrini Defense Commission and Member of COPASIR – Parliamentary Committee for the Security of the Republic.
To coordinate the work Gabriele Ferrieri, President of ANGI (formerly ForbesU30 and among the most influential 40under40 in Europe on innovation and digital) who commented as follows: “Innovation passes through cybersecurity, a fundamental element for the development of secure digital infrastructures of companies and public administration and as the National Association of Young Innovators we are committed to the main players in the sector and the relevant government authorities, including the ACN, to give our maximum contribution to digital resilience and the valorisation of these systems to defend the country’s ecosystem”.
In conclusion, the Directive must be seen as an opportunity to reflect on how cybersecurity can be a driver of innovation. The measures required by the directive, if implemented strategically, can be a starting point for rethinking business processes, improving operational efficiency and creating new growth opportunities. A company that invests in safety not only reduces risks, but prepares to meet the challenges of the future with greater ability to adapt. In this scenario, Tinexta Cyber presents itself as a privileged interlocutor for Italian companies wishing to undertake this path.
