Overview
In 2024, the cybersecurity market was valued at $2.7 billion, 15% more than the previous year. Italy remains a highly targeted country for cyberattacks. Ranking 4th worldwide and 1st in Europe for the number of attacks, Italy endured 10% of globally recorded attacks last year. Public sources show a 27.4% rise in the frequency of incidents (from 2,779 to 3,541) and a worsening of their consequences. AI is being used both to develop increasingly sophisticated attacks and in defense techniques. Progressive advancement has produced response capabilities with more sophisticated defense and monitoring systems and more effective detection methods, which allow for early threat detection, enhanced prevention, and optimization of incident response times.
The number of malware infections and botnets detected in Italy is growing again. Ransomware continues to be among the most significant malware threats and rose by 18%. Botnets identified in 2024 recorded a total of 180,486 events, an increase of about 41%. A key factor in this growth is the 911-socks5-proxy botnet, responsible for 36.13% of infections. Malware infections from connected devices grew by 131% (from 848,000 to 1,960,000). The number of malware families in circulation grew by 7.5% (from 148 to 160). DDoS attacks grew by 100% compared to 2023. Financial crime is increasingly the predominant type of cybercrime. The most traditional mode of operation is the phishing attack, used to steal sensitive data for access to home banking systems. Infection penetration continues to be relevant on mobile devices.
The Postal and Communications Police (CNAIPIC) managed about 12,000 significant cyber-attacks and more than 59,000 alerts to prevent and counter attacks on computer systems of national interest. CNAIPIC mostly engages when malware attacks (especially ransomware), phishing, distributed denial-of-service (DDoS) attacks, and advanced persistent threat (APT) campaigns are involved. More than 1,500 attacks (+38%) were recorded on critical infrastructure, essential service operators and local public administrations.
The primary sectors targeted include finance, insurance, and public administration. Larger companies turned to tools such as firewalls or virtual private networks (VPN) to raise protection levels, providing employees with remote access to corporate VPNs while augmenting perimeter protection.
Large-company investments drive the Italian market for cybersecurity. According to the Cisco Readiness Index, only 1% of organizations are considered to be at a mature stage of overall cyber readiness, 20% are at the progressive stage, 64% are formative and 15% are considered beginners. 87% of Italian companies are expected to increase their IT security budgets by 10% in 2024. The financial/banking and utility sectors are the main end-users of IT security, followed by the defense, public (national and local), manufacturing, transportation, and telecommunication sectors.
More than 50% of SMEs are unprepared to face increasing threats. One in five companies lacks a specific investment plan for IT security or only allocates resources as needed. Small firm managers perceive security as a cost rather than an investment and tend to resist approving IT security expenditures. As this mindset slowly changes, sector analysts expect increased SME investments. Medium-sized companies and (to a lesser extent) small companies are increasingly choosing to invest in cybersecurity, often opting for advanced cloud security solutions.
Opportunities
Top market drivers include increased IT security awareness and enforcement of new government measures, while challenges include the increased sophistication of cyberattacks, a complex regulatory landscape, and the need to reduce a highly fragmented IT security infrastructure. Strong opportunities exist in the software, hardware, and service areas, including cloud and mobile security. Specific areas of opportunity include identity access management (IAM), customer identity and access management (CIAM), web application firewalls (WAF), DDoS mitigation services, and endpoint security solutions.
Cybersecurity is a key element in Italy’s digital transformation strategy. Government measures are being put in place to boost efforts to counter cyber risks. The National Cybersecurity Authority (ACN) was established in June 2021 to protect the national cyberspace. The agency promotes a coherent regulatory framework in the sector and exercises inspection and sanction functions. ACN ensures the implementation of Italy’s first-ever cybersecurity strategy announced in May 2022, which outlines the country’s digital roadmap. Security and innovation are priorities of the plan, which seeks to implement over 80 measures by 2026, some via public-private partnership. The government has allocated about $2.2 billion to implement the national strategy and earmarked additional funds for related operational management activities: $11 million for 2023, $55 million for 2024, and $77 million for 2025.
ACN is overseeing the creation of a unified cloud computing infrastructure, a $2.5 billion project, to increase security for public-administration data storage. In partnership with Microsoft, the consortium TIM-Leonardo-Cassa Depositi e Prestiti-Sogei won the tender for the project in June 2022. The goal is to have 75% of the Italian administration migrated to cloud services by 2026.
The National Cybersecurity Perimeter Law ensures a high level of security for networks, IT systems, and services used by government agencies, public administration, state-owned entities, and private companies that exercise an essential function of the state or services fundamental to the country’s interests and national security. It also provides the framework for providers of IT products and services that must meet certain requirements, such as data localization. The law also provides a legislative amendment on foreign investments in certain strategic sectors.
The certification of cloud computing infrastructure and services (SaaS, PaaS, and IaaS) for use by the public-administration cloud is the responsibility of the ACN. All firms, domestic and foreign, may register on the eProcurement Platform to begin the qualification process and proceed to operate on the electronic marketplace of the public administration (MePA). U.S. companies should ensure that they meet all requirements, such as having a legal entity or legal representative entrusted with the power to act on their behalf. In-country legal representatives may register. ACN has information on certification.
Relevant public-administration acquisitions that exceed thresholds are carried out via public procurement tenders published on the EU’s Tenders Electronic Daily (TED). For information on public procurement in the EU, see the relevant section of the Country Commercial Guide for the European Union.
Resources
Italian National Cybersecurity Authority (ACN)
Electronic Marketplace of the Public Administration (MePA)
Italian Official Gazette (public tenders)
European Union Country Commercial Guide article on cybersecurity
U.S. Commercial Service Italy:
Maria Calabria, Commercial Specialist
U.S. Commercial Service, U.S. Embassy Rome
Tel: +39 06 4674 2427
E-mail: maria.calabria@trade.gov