Italy’s Agency for National Cybersecurity and Bocconi Join Forces

Cybersecurity assumes a crucial role in the protection of critical infrastructure, sensitive data and citizens’ privacy. The collaboration between Italy’s Agency for National Cybersecurity (ACN) and Bocconi University signed on September 10 represents a significant step in boosting Italian competencies and capabilities in this strategic area. 

The Memorandum of Understanding signed between ACN and Bocconi University aims to strengthen competencies in the field of cybersecurity through a series of joint initiatives. Within this framework, Bocconi and ACN commit to jointly develop studies and research on cybersecurity issues, thus contributing to knowledge and innovation in this critical area. In addition, specific educational modules will be developed to raise awareness and train students and professionals on cybersecurity regulations and practices, aligning educational offer with labor market needs.

The ACN was established in 2021 as a response to the growing cyber threats affecting the country. The agency serves as the national cybersecurity authority, tasked with promoting a coherent regulatory framework, ensuring coordination among various public actors and supporting public-private initiatives to ensure cybersecurity and resilience. Its goals, in addition to preventing cyber-attacks, of course, include strengthening digital resilience, promoting strategic autonomy in cyber, and effectively managing cyber crises, in an approach that actively involves institutions, the private sector, and the wider society. 

Indeed, the collaboration aims to make professionalize the response to a range of threats that are in turn increasingly sophisticated. ACN's institutional purpose, which is to protect national interests in cybersecurity, is intended to promote the training of experts who know how to identify priorities for action in order to prevent adverse events. On the other hand, it is essential to study in detail the possible effects, economic and otherwise, of potential attacks on society as a whole. In this sense, Bocconi, as a university strongly oriented toward the social sciences and economics, can therefore be an ideal partner for the Authority. Moreover, Bocconi already has a master's degree program in Cyber Risk Strategy and Governance in collaboration with the Politecnico di Milano and directed by Greta Nasi.

The government recently passed a law (L.90/2024) on cybersecurity that aims to strengthen national cybersecurity and counter cybercrimes through a series of innovative measures and digital operational resilience in the financial sector, extending the use of special investigative tools for serious cybercrimes and improving coordination between authorities in case of attacks. The law also promotes public-private collaboration and specialized training programs, with the aim of strengthening Italy's technological and industrial autonomy in cybersecurity. In these areas, the collaboration with Bocconi becomes strategic, thanks to the research and expertise on sectors considered vital, such as finance, energy, health and, in general, all critical infrastructures and on the functioning of organizations. Certainly, an area of collaboration may also be at the development of cyber awareness of small- and medium-sized enterprises. The Italian industrial fabric, in fact, is well known to be largely composed of companies of this size that are unlikely to have staff specifically dedicated to cyber security. However, their vulnerability could pose systemic risks, since they are part of a network anyway. Being able to protect them, therefore, means being able to protect everyone.

After signing the agreement, ACN Director General Bruno Frattasi and Deputy Director General Nunzia Ciardi discussed with the students of the MSc in Cyber Risk Strategy and Governance offered jointly by Bocconi University and Politecnico di Milano about cyber resilience and risk awareness in the digital society, emphasizing how as cybersecurity is a cross-cutting issue that needs interdisciplinary skills in order to understand the technology, its potential and its risks, in the economic and social context in which we live.