Defence

The cyber domain of national interest is established: the Chief of the Defence Staff becomes the cyber authority

Article 7 of the draft bill entitled ‘Provisions for the strengthening and modernisation of national defence capabilities’, which is due to be considered by the Council of Ministers shortly

by Rome Editorial Staff

13 June 2026

3' min read

Translated by AI

Versione italiana

Key points

Cyberspace of national interest
The Chief of Defence Staff for Cyber Affairs

3' min read

Translated by AI

Versione italiana

The Italian Ministry of Defence will have its own cyber domain of national interest and a clearly defined cyber chain of command. This is provided for in Article 7 of the draft bill ‘Provisions for the strengthening and adaptation of national defence capabilities’, the draft which is currently circulating and which could soon be submitted to the Council of Ministers.

The legislation amends the Military Code and integrates cyber security into the standard framework of the Armed Forces. No longer just computer networks to protect, but a comprehensive operational perimeter: data, software, hardware, OT systems, sensors, physical and electromagnetic connections, industrial control systems, connected mobile devices and interconnection points.

Cyberspace of national interest

The first new development is the definition of ‘cyber space of national interest for the defence of the state’. According to the draft, this refers to the entirety of the defence sector’s IT infrastructure and the physical, logical and cognitive relationships between these elements.

In practical terms, the measure recognises that military security no longer depends solely on traditional bases, equipment, weapons and systems. It also depends on the security of the data, networks, digital infrastructure, industrial systems and technological architectures that enable the defence sector to function.

The Chief of Defence Staff for Cyber Affairs

The most significant change concerns the Chief of the Defence Staff. The draft designates him as the Ministry of Defence’s cyber authority, responsible for the organisation, professional training, readiness and deployment of joint cyber personnel.

There is more to it than that. The Chief of the General Staff would, even in peacetime, contribute to the protection of national strategic interests relating to the defence of cyberspace. Furthermore, the text specifically refers to the planning and conduct of cyber operations in Italia and abroad.

The draft grants this same authority the power to issue joint directives on cyber defence, information and communication technologies, data collected and processed in the defence sector, and the electromagnetic spectrum, within the scope of the Armed Forces’ interests.

Finally, the data. The Chief of the Defence Staff is designated as the sole person responsible for the Ministry of Defence’s data: data is treated as a strategic military asset, no longer as mere administrative or operational information. This entails powers of direction, coordination and oversight over the use, sharing, management, quality and security of data, as well as over the related technical and logistical architectures and infrastructure.

The Military Cyber Specialist Qualification

Article 7 also establishes the ‘Military Cyber Specialist’ qualification, a professional cyber role within the Ministry of Defence, complete with training programmes and criteria for the recognition of skills.

The draft explains that the certificate is issued by the Chief of the Defence Staff to military personnel who have successfully completed highly technical training courses organised by the Ministry of Defence, or who already possess advanced specialist skills in the cyber sector.

The implementation framework is two-pronged. A decree issued by the Minister of Defence will define qualification levels, the procedures for issuing licences, the requirements for retaining a licence, and the circumstances under which a licence may be suspended or revoked. The Chief of the General Staff, on the other hand, will be responsible for training procedures, the methods for assessing and assigning qualification levels, as well as the possible withdrawal or suspension of the licence.

There is just one common thread linking these three measures: the Ministry of Defence would cease to be the guardian of its own networks and instead become an operational player in cyberspace. The first test will come in the Cabinet.