In Italy, many CIOs also function as de facto CISOs, reflecting the high priority given to cybersecurity, a priority that 41% of global CIOs share according to Experis research. The NIS2 directive compels companies, including NGOs, to implement structured cybersecurity governance, employee training, risk management, incident notification, and supply chain security, extending cybersecurity responsibilities beyond IT technical teams to executive leadership.
Organizations such as EMERGENCY and Relife Group demonstrate practical NIS2 compliance through AI-enhanced cyber defenses, 24/7 SOC monitoring, network architecture redundancy, and anti-DDoS services. Although AI expands attackers’ capabilities, it simultaneously provides predictive tools for threat detection and incident response. CIOs emphasize AI’s dual role and the importance of tuning systems to minimize false positives for more effective defense.
Despite technological advances, the greatest risk remains human error, particularly phishing and poor password practices. Awareness campaigns and cultural shifts towards cybersecurity practices, including Zero Trust frameworks, are highlighted as essential. Challenges persist in industries where cybersecurity is historically undervalued, which makes it necessary to educate top management and to demonstrate the financial risks of cyber incidents. National campaigns aim to foster integrated cybersecurity systems combining technology, processes, and competencies.
👉 Read the original: CIO Magazine