Cyber Defense: What Is Missing Is Trust

The rise of politically motivated cyberattacks represents a defining feature of contemporary geopolitical conflict. In the wake of the Russia-Ukraine conflict, cyberspace has emerged as a strategic domain of power projection, extending far beyond the battlefield and into the political, economic and social domains. State-sponsored cyber operations, including espionage, sabotage and disinformation campaigns, have increased dramatically in both scale and sophistication.

These attacks are no longer confined to military objectives but target critical infrastructure, electoral processes and public opinion, blurring the lines between war and peace. According to the Italian Intelligence Report of 2025 (“Relazione Annuale sulla Politica dell’Informazione per la Sicurezza” 2025), offensive cyber activities by state-sponsored actors have increased significantly, accounting for 19% of all cyberoperations, marking a notable rise compared to previous years. The strategic goals behind these operations include intelligence gathering, economic disruption and political destabilization. Notably, espionage-motivated attacks have seen a sharp increase, reflecting the growing importance of cyberoperations in achieving geopolitical advantage.

This evolving threat landscape affecting national security underscores the urgent need for enhanced cyber defense capabilities, and more resilient infrastructure protection. Italy has taken significant steps to strengthen its cyber defense capabilities through targeted legislative and institutional measures. The adoption of Cybersecurity Law 90/2024 and the Legislative Decree 138/2004 (which transposes the European NIS2 Directive) represent a pivotal shift in Italy’s approach to cybersecurity governance. These measures establish a comprehensive framework for protecting critical infrastructure and enhancing the resilience of essential services, aligning Italy’s strategy with broader European Union standards. However, the effectiveness of these measures depends not only on government action but also on building trust and securing the cooperation of all stakeholders — including private sector entities and citizens. Public confidence and supportive behaviors are essential for reinforcing Italy’s cyber resilience and ensuring a coordinated national response to the growing threat of politically motivated cyberoperations.

Recent data from “Monitoring Democracy”, an initiative of the Department of Social and Political Science at Bocconi University and SWG, shows Italian citizens’ confidence in their government's ability to defend against politically motivated cyber threats and reveals a complex and polarized landscape. According to the survey data (Table 1), 22.9% of Italians express confidence in their government’s capacity to counter cyberthreats linked to geopolitical conflicts, while only 4.3% of respondents expressed strong confidence in the government’s ability to defend against politically motivated cyberattacks. This low figure underscores a general skepticism about Italy’s cyber resilience and the state’s ability to respond to growing cyberthreats. A significantly larger portion of the population — 30.5% — expressed moderate confidence, suggesting that while some government efforts are recognized, doubts persist about their overall effectiveness.

The data also reveals significant political divisions in Italians’ confidence in the government's ability to protect against cyberthreats. Confidence levels are notably higher among right-leaning respondents and center-right voters, while skepticism is more pronounced among left-leaning and unaffiliated respondents, suggesting that political ideology plays a significant role in shaping public perceptions of national cyber resilience (Table 2).

Right-leaning voters show relatively high confidence levels, which suggests that supporters of conservative parties may align more closely with the government’s security policies. Center-right voters show a similar pattern, with 37.9% expressing medium confidence, but only 4.1% reporting high confidence — indicating that while they recognize some government action, skepticism remains about the government's effectiveness. In contrast, center-left and left-leaning voters report significantly lower confidence levels. Center-left respondents are somewhat more balanced, indicating that even moderate-left voters remain largely unconvinced about the government's cyber capabilities.

Table 3 shows clear political divides in confidence in the government’s ability to handle cyberthreats. Supporters of Fratelli d’Italia demonstrate the highest levels of confidence, which reflects alignment with the current government’s conservative approach to national security and cyber policy.

Conversely, left-leaning and opposition party supporters report significantly lower confidence levels.

This suggests that political trust in cyber capacity reflects broader ideological divides, with right-leaning voters generally more supportive of the government’s security posture and left-leaning voters more critical or skeptical. In turn, this polarization underscores the broader challenge of building national consensus on cybersecurity. Supporters of conservative and center-right parties appear more aligned with the government’s current security posture, while left-leaning and unaffiliated voters exhibit greater skepticism — likely reflecting broader mistrust in state institutions and government transparency. Despite Italy's proactive efforts to strengthen its cybersecurity framework, challenges remain in building public trust. To enhance public awareness and cyberliteracy, the role of the Italian National Cybersecurity Agency (ACN) is pivotal as a key knowledge disseminator, engaging not only with firms and interest groups but also with local communities and civil society to create a decentralized but united defense strategy. Trust depends on citizens seeing tangible improvements in cyber preparedness and having confidence in the state’s ability to protect critical infrastructure and democratic processes. Greater clarity about the state’s strategic approach and consistent communication on successes and challenges would help reduce political skepticism. Framing cybersecurity as a shared national responsibility — where government, the private sector and citizens work together — can reinforce Italy’s resilience against politically motivated cyber threats.