FROM PROTECTION TO RESILIECE: HOW CYBERSECURITY IS CHANGING
In recent years, cybersecurity has evolved from a purely technical concern into a strategic priority for organisations. In the age of generative AI, it is about managing a continuous risk with direct implications for operations, reputation and business continuity.

Why the traditional model is no longer enough
For a long time, cybersecurity was built around the idea of defending a perimeter: what was “inside” was considered safe, while anything “outside” was seen as a threat.
Today, this approach is showing its limitations: the rise in cyberattacks (+42% in Italy), combined with the use of Artificial Intelligence, has made threats faster, more sophisticated and harder to detect.
For example, AI enables the creation of highly credible and personalised Phishing campaigns, making it increasingly difficult for users, even experienced ones, to distinguish legitimate communications from attacks. In 2025, Phishing and Social Engineering attacks surged by 75%.
This is compounded by the possibility of automating attacks and their increased ability to adapt in an ever less predictable environment. In this context, simply strengthening defences is no longer sufficient.
The situation is becoming even more complex with the evolution towards Agentic AI models, systems capable not only of generating content, but also of making decisions and executing actions autonomously.
Security becomes an organisational matter
It is not only technology that is changing, but also the regulatory and organisational landscape.
Recent regulations are introducing concrete operational requirements in Italy, such as incident notification within defined timeframes (early warning within 24 hours) and the adoption of structured risk management frameworks: these are among the key provisions of the new NIS2 Directive.In the financial sector, the DORA regulation imposes extremely stringent operational resilience standards, extending responsibility to the security of the supply chain and third parties.
Protecting systems is no longer an isolated activity, but an integral part of overall organisational management.
New models for a more complex environment
In response to this evolving landscape, security models are also changing.
Moving beyond the concept of a fixed perimeter is driving the adoption of approaches such as Zero Trust, based on continuous verification of identities and access. This requires a shift in mindset: nothing is assumed to be trustworthy by default, monitoring must be constant and technologies and processes need to be more tightly integrated.
Security Operations Centres (SOCs) are handling an ever-increasing volume of alerts, with the associated risk of “alert fatigue”. The integration of AI-based systems makes it possible to filter, correlate and prioritise alerts, improving incident response capabilities.
Among the emerging challenges is also the issue of crypto-agility: the ability to rapidly evolve cryptographic mechanisms in response to future threats, including developments related to quantum computing.
Preparing for an evolving scenario
What emerges is a picture of cybersecurity that is increasingly embedded within business processes, where technology, organisation and skills must evolve together.
Addressing this shift requires a more structured and informed approach, capable of adapting to a landscape that will continue to evolve over time.