The increasing digitization of the energy and transportation sectors is significantly expanding exposure to cyber risk, making critical infrastructure protection a strategic priority at the national and European levels. The reflections and insights that emerged during a recent discussion sponsored by the Ministry of Enterprise and Made in Italy, in collaboration with Cyber 4.0 and the Higher School of Specialization in Telecommunications, are part of a broader debate involving institutions, academia and practitioners.

As part of this discussion, one of a series of webinars dedicated to cybersecurity, the main cyber risks affecting strategic areas such as energy and transportation were analyzed, with a focus on critical infrastructure protection in the context of the European regulatory framework and digital transition.

The current scenario: risks and threats in the world of cybersecurity

In recent years, the energy and transportation sectors have become among the main targets of cyber attacks, which are increasingly sophisticated and difficult to predict.
According to the CLUSIT Report 2026, the transportation and logistics segment in Italy recorded a 134.6 percent increase in cyber incidents in 2025, reaching about 12 percent of the national total, while for the manufacturing industry, 16 percent of the incidents recorded globally in this sector involved companies in our country.

The growing interconnection between digital systems and physical infrastructures, coupled with the progressive integration between IT and OT environments, has in fact significantly expanded the attack surface of organizations, making these areas particularly vulnerable to threats that are also systemic in nature. In this scenario, Roberto Setola, director of the Master in Cybersecurity Management at UniCampus, suggested that the increasing integration between IT and OT systems makes it necessary to adopt increasingly advanced defense models to ensure the continuity of essential services.

This is compounded by additional elements of complexity. AI emerges as a critical element: while it enhances defenses, it is also exploited by attackers to make threats faster, more automated, and more difficult to intercept. In parallel, as pointed out by Mariano G. Cordone, MASE, the current geopolitical instability makes the protection of energy infrastructure, considered a real “nervous system” for the functioning of the country, even more central.

In this context, the European regulatory framework has evolved significantly. The introduction of the NIS2 directive, along with other instruments such as the ERC directive, marked a shift from an approach based on minimum security requirements to a model geared toward operational resilience and continuity of essential services. As highlighted by Costantino Fiorillo, Director General and Head of the Central Safety Board of the Ministry of Infrastructure and Transport (MIT), the regulations should in fact not be interpreted as mere compliance, but as a tool to strengthen the operational capacity and resilience of the system.

The issue of resilience is one of the central elements in the cybersecurity debate today, as also emerged in the discussion among experts in the field. As pointed out by Cyber 4.0’s Chief Operating Officer Matteo Lucchetti, “the current scenario sees the cybersecurity paradigm shifting from protection to cyber resilience”: it is no longer enough to prevent attacks, but it is necessary to ensure business continuity even in adverse conditions. With this in mind, risk management extends throughout the supply chain, now among the main vectors of vulnerability for companies.

Reinforcing this view is the concept of systemic risk, linked to the strong interdependencies between critical infrastructures. Energy, transportation and telecommunications can no longer be considered in isolation, but as elements of a complex ecosystem in which an incident can generate cascading effects.

For this reason, as emphasized by Luisa Franchina, CEO of Hermes Bay, the adoption of analysis models based on “what if” scenarios is becoming increasingly important. These are exercises that enable companies and organizations to analyze in advance the consequences of potential critical events, assessing in detail the possible scenarios and the effectiveness of the preventive measures taken.

The company’s point of view: the approaches of Ferrovie dello Stato and Terna

Alongside these reflections, there was also room for concrete operational approaches adopted by major industries. In the transportation sector, Francesco Morelli, head of Cyber & Information Security at FS Italiane, illustrated a risk management model based on Continuous Threat Exposure Management (CTEM), which enables a shift from static security to continuous and dynamic monitoring of vulnerabilities, including through the use of automation and artificial intelligence.

Regarding the energy sector, Luigi Ballarano, CISO of Terna, reiterated that the transition to an increasingly digitized system means a significant increase in the attack surface. In this scenario, the adoption of advanced security models, such as the zero-trust approach, and the extension of protection measures along the entire supply chain represent key elements to ensure the resilience of infrastructures.

Upcoming appointments

The cybersecurity seminar series will continue in April with the webinar “Data power: governance, security and intellectual property defense.”
Further details on the date and schedule will be available in the coming days on the Cyber 4.0 and MIMIT website and social channels.