A cybersecurity training session for SMEs in the productive sector of the Etna area and the public administration, with the aim of increasing the companies' understanding and knowledge of potential cyber threats and their possible cascading effects on the whole economy. With these objectives in mind, the first of the meetings organised in the main Italian cities by TIM Enterprise, the Group's business unit dedicated to companies, public administrations and large customers, and the local representatives of Confindustria, began today in Catania.
The focus is on the new European Directive on Cybersecurity (NIS 2), which even small and medium-sized Italian companies will have to comply with by next year.
The increasing digitalisation of companies and public administrations exposes the entire supply chain to risks stemming from attacks on the least cyber-secure organisations. According to data collected by the TIM Research Centre, 61% of SMEs believe they could be the target of cyber attacks, but only 32% believe they are ready to manage them.
More generally, in 2023, subjects targeted by cyber attacks grew by 187%. In particular, according to TIM's cybersecurity systems, high-intensity Distributed Denial of Service (DDoS) attacks – where criminals overload websites, servers or network resources with huge amounts of malicious traffic – accounted for around 30% of total attacks, double the previous year. Italy is also the third-most affected country in Europe (and sixth in the world) in terms of the number of DDoS attacks, and the most affected EU country in terms of ransomware attacks, characterised by ransom demands.
In this situation, the provisions of the new NIS 2 Directive, which aims to raise the general level of cybersecurity in Europe, will also be applied to SMEs if they are suppliers to companies operating in certain sectors defined as critical, such as manufacturing, food, waste management, energy, transport, water and healthcare, as well as banking, finance and digital services. The measures range from risk analysis to incident management, from business continuity to supply chain and IT security. Further attention is required in relation to cyber strategies, employee training, encryption and two-factor authentication tools. Failure to comply with NIS 2 will result in significant penalties.
The event was attended, among others, by Maria Cristina Busi Ferruzzi, President of Confindustria Catania; Arturo Lentini, Vice President of Confindustria Catania; Viviana Lombardo, Councillor for Information Technology and Digitalisation Services of the Municipality of Catania; Nicolò Rivetti di Val Cervo, Head of the Network and Information Security and Union Disciplines Division, Regulatory Service, National Cybersecurity Agency (ACN); Michele Vecchione, Head of Security Offering at TIM Enterprise; Gian Luca Ricci, Cyber Operational Leader at Telsy. Proceedings concluded with speeches by Michele D'Ambrosio, Digital Adviser - Digital Policies and Supply Chains, Life Sciences and Research of Confindustria and Dario Daidone, President of the Budget Commission of the Sicilian Regional Assembly.
There were numerous first-hand accounts from key local companies, including from Alessia Valentini, Marketing and Business Development Manager of Advens Italia; Salvatore Rosa, Business Unit Director of EHT The Platform; Sebastian Motta Digital Innovation Manager of Sifi; Lucilla Ierna, System Information Security Manager at STMicroelectronics.
The opening meeting today in Catania will be followed in the coming months by events in Bari, Naples, Rome, Milan and Modena.