CREATED FOR TIM ENTERPRISE

Digital security, regulatory obligations and new defence models: cyber resilience is a priority for business and PA

4' min read

Translated by AI

The growing complexity of cyber threats and the rapid transformation of business models are forcing companies to undertake a thorough review of their digital protection strategies. Data from the Cybersecurity & Data Protection Observatory of the Milan Polytechnic and Sirmi's Enterprise Market research paint an unequivocal picture: attacks are increasing in frequency, sophistication and ability to affect the entire supply chain. In 2024, the Italian cybersecurity market reached EUR 2.48 billion, 73 per cent of companies suffered at least one cyber incident, and the total number of attacks increased by 27 per cent compared to the previous year.

At the same time, the progressive adoption of artificial intelligence has introduced new risk vectors, in addition to those induced by the human factor and interactions with suppliers. Against this backdrop, the European Union has defined stricter standards (NIS2, DORA and the forthcoming Cyber Resilience Act) with the aim of strengthening the resilience of the various countries.

A complete customer journey for NIS2

The entry into force of the NIS2 directive marks a turning point for European security: the new regulatory framework not only expands the sectors involved but also introduces more stringent obligations, defined timeframes and a perimeter of responsibility that extends throughout the supply chain. In Italy, the adoption process is coordinated by the National Cybersecurity Agency, which has already completed the census and classification phase of the organisations subject to the directive. The key date is 1 January 2026: from then on, companies and public administrations will have to send a pre-notification to the CSIRT within 24 hours of discovering a significant incident, followed within 72 hours by a detailed report. This is a major cultural change as well as an operational one, and it requires consolidated processes and specialised expertise. For many organisations, however, being compliant, detecting incidents quickly, managing communication to customers and authorities and still ensuring the business continuity of processes cannot be taken for granted and requires a reliable partner.

In this ever-changing context, TIM Enterprise has the skills and tools to support companies and Public Administrations on the path to compliance with the NIS2 directive, from the preliminary check of whether an organisation is subject to the directive through to the identification and implementation of the most suitable solutions to meet its requirements. Thanks to the Group's specialist skills and technological capacity, TIM Enterprise is able to offer services ranging from infrastructure analysis to the design of perimeter protection measures, and from 24-hour monitoring to incident management within the timescales imposed by the directive. Decisive in this respect is the contribution of Telsy, the Group's cybersecurity company, which guarantees advanced levels of protection and consultancy for crisis management and staff training. Among the most notable solutions is TIM Guardian, which introduces a native level of protection on fixed and mobile lines, giving companies a first integrated filter against phishing, malware and unwanted access.

Telsy has also recently partnered with Fortinet to introduce quantum threat-resistant security features in its next-generation firewalls. The integration of Italian Quantum Key Distribution technology makes it possible to create quantum-resistant security keys and to enable future-proof VPNs, speeding up activation times and protecting the confidentiality and integrity of the critical data of enterprises and Public Administration.

Zero trust and SASE: the new frontier of IT security

The increasing mobility of work, the pervasive diffusion of cloud platforms and the transformation of organisational models mean that the traditional approach based on perimeter defence is now outdated. This is where the zero-trust model comes in, based on a simple principle: 'never trust, always verify'. Every user, every device and every application, in other words, is to be considered potentially at risk until it proves to be compliant with the security policies defined by the company. A zero-trust architecture acts on five different areas (identity, devices, network, applications and data) through continuous authentication, least privilege and network micro-segmentation. The benefits of adopting it range from reducing the risk of ransomware to greater protection for work done remotely and defence against threats generated within the organisation.

In this area too, TIM Enterprise supports companies in any sector in reviewing internal processes and policies. It provides a portfolio of solutions that combine cloud services, high-capacity networks and advanced cybersecurity technologies, enabling companies to adopt the zero-trust model in a progressive and sustainable manner, monitoring anomalous behaviour and minimising the attack surface. Here again, integration with Telsy's expertise ensures constant support for the configuration of controls and real-time surveillance of critical events.

An important security focus for companies is the migration of IT systems and infrastructure to the cloud and the increasingly widespread adoption of SaaS (Software as a Service) tools. The traditional defence based on perimeter firewalls and VPNs is no longer sufficient to counter the level of sophistication of attacks (often generated with the aid of AI). The answer to this evolution of threats is SASE, an acronym for Secure Access Service Edge: a framework that manages security and network in a single architecture to guarantee secure and optimised access to corporate resources, regardless of the location of users or the device used. The TIM Guardian Enterprise solution combines advanced network and security capabilities into a single cloud-native service, capable of protecting employees and devices in a consistent and centralised manner and of intercepting threats at the infrastructure level, thanks to anti-phishing and anti-malware tools integrated directly into the TIM network.

Copyright reserved ©
