Cybersecurity: PNRR and Budget Law 2023
That cyber damage is one of the biggest threats in recent years is certainly no mystery; the wave of digitalisation – also accelerated by the pandemic – has brought one of the main risks for businesses’ digital infrastructures back into the spotlight, with new exposure scenarios constantly emerging. Furthermore, looking at the current geopolitical context, the economic crisis and the Russian-Ukrainian conflict have introduced highly sophisticated cyber-offensive tools to support cyber-intelligence and cyber-warfare activities.
A look at the data
The data speaks clearly: according to the Clusit 2022 Report, in the period between 2018 and 2022, global attacks recorded a growth of 53%; only in first six months of 2022 there were 1,141 serious cyber attacks, with a growth of 8.4% compared to the first half of 2021, for an overall average of 190 attacks per monthand with a peak of 225 attacks in March 2022, the highest ever.
Both the frequency and severity of damage are expected to increase, with dramatic consequences also in various aspects of society, politics, economics and geopolitics. Confirming this forecast already evident in the year just ended, serious attacks were 45% of the total in the first six months of 2022while those with a “critical” impact represented a third of all attacks. Overall, Critical and High impact attacks accounted for 78% of the total. The scenario of geopolitical tension is increasing the risk of a global cyber war which could cause consequences of unprecedented severity.
What are the measures to take
But then how can we prepare and initiate a series of measures that will make our country more Safe and resilient – today more than ever, in such an interconnected and digitalized context? Never before has it been more important to make the best use of the resources present within the PNRR and intended for Cybersecurity projects with the aim of supporting public and private companies and professionals in reducing the effects of attacks on their IT security infrastructure. Already in May 2022, the National Cybersecurity Strategy was outlined by the ACN with 82 measures to be implemented by 2026 to support companies in the adoption of advanced cybersecurity solutions and in staff training for cyber risk management, to improve cybersecurity technologies and help companies stay abreast of the latest threats and to develop greater cooperation between the private and public sectors for damage management, so as to be able to share information and best practices and thus create a network of common defense.
To realize these objectives, this year the PNRR has allocated 623 million euros to be allocated to cybersecurity. Of these, 174 million euros will be used for the operation of the Agency, of the networks and services under construction and in the future, 147 million will be used for the technological scrutiny and certification laboratories, and 301 million will be used for the strengthening and cyber resilience of the PA.
Not only that! Two important national funds are added to the European resources of the PNRR, allocated with the 2023 Budget Law: one is the Fund for the implementation of the National Cybersecurity Strategywhich finances investments aimed at achieving technological autonomy in the digital sector, thus raising national cybersecurity levels. They have been allocated 70 million euros for the year 202390 million euros for the year 2024, 110 million euros for the year 2025 and a further 150 million euros per year from 2026 to 2037. The second Fundinstead, it aims to cybersecurity project managementof which the Agency is responsible, with resources equal to 10 million euros for the year 202350 million euros for 2024 and 70 million euros per year starting from 2025.
The availability of these economic resources will be able to increase and improve the defensive infrastructures of companies, professionals and public bodies. In this scenario, the insurance sector still plays a fundamental role in accompanying citizens, professionals and businesses in limiting the damage resulting from possible cyber attacks by taking out adequate cyber-risk insurance policies. According to the new Research & Markets report, in fact, The cyber insurance industry will reach a global turnover of $32.6 billion in the next six years, by 2028, marking a compound annual growth rate of 18.8%. A considerable increase when compared with the 6 billion dollars in 2019. Therefore, today more than ever, it is important to spread a corporate risk management culture in the cybersecurity field and internal best practices aimed at protecting IT security. Within the national market, Italian companies have historically always adopted a defensive strategy with respect to cyber risk management with little investment; now they are changing their approach by making risk management a strategic business lever.
Given the exponential growth of cyber attacks, it is advisable for professionals and businesses to safeguard their data by adopting a Cyber Risk policy. This coverage allows the insured to protect himself from cyber attacks and the resulting expenses and losses of data and confidential information. Furthermore, it provides the intervention of an expert for the recovery of lost data and for decontamination from any malware. All these are services included in the Smart version, which has a maximum limit of up to €25 thousand. Lokky also offers its customers the possibility of taking out a Top version of the policy, which provides for an increase in the limit up to €250 thousand and the inclusion of numerous additional guarantees, including a daily allowance for business interruption and coverage of expenses for restoring the company’s image.
latest posts published
Lokky, the Italian data driven insurtech for professionals and SMEs
An ally for cyber security: Load Balancing
Business Trend 2023 for SMEs, professionals and commercial activities
Occupational risks for pastry shops
How to read a pay slip
What are the most common cyber risks and how to protect yourself
Clinical Risk: What it is and What are the consequences
Commercial activities most affected by theft
October is European Cyber Security Month
