Cybersecurity Awareness Raising in cooperation with the Public and Private Sector in Italy

This article outlines the main lines of intervention of the Italian Agency’s commitment to promoting a cybersecurity culture in Italy.

The process is grounded on three main pillars, namely Awareness, Education and Training, through dedicated measures stemming from the National Cybersecurity Strategy, adopted by the Italian President of the Council of Ministers in 2022 and to be implemented by 2026.

These lines of intervention are being pursued exploiting synergies with public institutions and private bodies in the country as external stakeholders (more than 30 public bodies are directly involved, with hundreds of other related subjects).

As a governance tool for planning structural interventions for the promotion of cybersecurity awareness initiatives and campaigns in the short, mid, and long term, ACN has developed a Cybersecurity Awareness Program: a multi-year plan (with a time horizon up to 2026, to be revised annually), comprising a set of strategic projects that are implemented by yearly operational plans.

The program follows a methodological framework entailing:

1. A taxonomy of priority themes and contents (spanning from general cybersecurity principles and secure use of internet and social media, to more specialized topics such as state-level cybersecurity or research and innovation for cybersecurity);
2. A systematization of intended audiences;
3. Tools, channels, and collaboration model.

The are some examples of past, present and forthcoming public-private initiatives stemming from the Program, namely:

1. A joint cybersecurity awareness initiative co-organized with the Computer Emergency Response Team of the Bank of Italy targeted to the top-management of the Bank;
2. Awareness campaigns for SMEs (2022-2024), including the PMI Cyber Index initiative, in partnership with Assicurazioni Generali and Confindustria and aimed as a first comprehensive attempt measuring the state of awareness regarding cyber risks of small and medium-sized companies. The index will also feed the European Global Cybersecurity ​​Index;
3. The SIC Italia - Generazioni connesse project, to be co-founded by the EU within the Digital Europe framework, for which the Agency has submitted a proposal as Associated Partner of a consortium coordinated by the Italian Ministry of Education within a Consortium of 40+ public and private bodies. The project, whose primary target are kids (but also parents and teachers), has the objective of fostering a positive and conscious use of the Internet as well as to contrast online criminal activities against kids like child pornography. The Agency will work on designing awareness raising initiatives for kids and parents focused on recognizing online threats and the adoption of good practices while surfing the Internet and the social media.