By CeSViTer Consulting March 31, 2025
In recent years, the digitalization of Public Administration has increasingly exposed the cybersecurity vulnerabilities of Italian municipalities. Hacker attacks are multiplying, targeting public offices and essential services, while institutions struggle to respond with new regulations and protective measures. However, the problems persist, and municipalities often find themselves unprepared in the face of increasingly sophisticated threats.
Rising Concern Over Cybersecurity in Municipalities
According to data from the National Cybersecurity Agency (ACN), in 2024 about 18% of cyberattacks targeted Public Administration, particularly affecting local authorities and healthcare centers. This alarming trend prompted the government to respond with legislative measures and security strategies.
Among the most recent initiatives are Law No. 90/2024, known as the "Cybersecurity Law," and the establishment of the National Cybersecurity Agency (ACN), responsible for coordinating cybersecurity policies at the national level. Furthermore, the European Union mandated the adoption of the NIS2 Directive, which came into force in Italy in August 2024, requiring local administrations to comply with stricter data protection standards.
However, while regulations evolve, the everyday reality in Italian municipalities tells a different story, characterized by structural deficiencies, insufficient funding, and inadequately trained personnel.
Cyberattack Trends and Impact: 2018–2024
From 2018 to 2024, cyberattacks on Italian Public Administration surged dramatically, growing from 250 incidents in 2018 to over 1,000 in 2024. This exponential rise underscores the urgent need for effective and locally implemented cybersecurity measures. In 2021, the distribution of attacks revealed that 56% were directed at Central Administration, 30% at local administrations, and 10% at the healthcare sector. By 2024, the situation had evolved: Central Administration was still the primary target (50%), but attacks on local administrations increased to 32% and those on healthcare to 12%. This shift highlights a growing vulnerability among local institutions, which often lack the resources and infrastructure of central entities.
The comparison of attack distribution between 2021 and 2024 reveals a clear trend: a modest reduction in pressure on Central Administration and a corresponding increase in threats targeting local and healthcare institutions. Moreover, when comparing absolute numbers of incidents across these years, the upward trend in every category is even more evident.
In economic terms, the impact is alarming. Estimated financial losses for local administrations rose from approximately €225 million in 2018 to over €1.17 billion in 2024. This estimate is based on an average cost of €1.5 million per incident, further emphasizing the devastating economic consequences of cyber threats on Italy’s local governance structures.
Municipalities on the Frontline: Issues and Challenges
Despite regulatory progress, cybersecurity remains a critical issue for Italian municipalities. The main concerns? Lack of resources, limited expertise, and inadequate attention to security protocols.
Lack of specialized expertise – Many municipalities do not have cybersecurity experts. A survey by AnciLab on 206 local authorities in Lombardy found that staff training is still inadequate.
Lack of incident management protocols – Only 29.2% of local administrations have structured procedures to manage cyber incidents (ISTAT 2022).
Insufficient funding – Reduced budgets limit the acquisition of advanced software and the hiring of professionals.
Dependence on external providers – Many municipalities outsource IT management. The attack on Westpole S.p.A. highlighted the associated risks.
Human error – Lack of training leads to vulnerabilities such as phishing and poor credential management.
Inadequate technological protection – Absence of advanced firewalls, multi-factor authentication, and intrusion prevention systems.
CS-AWARE NEXT: A European Solution to Strengthen Municipal Cybersecurity
The CS-AWARE NEXT project, funded by the European Union, aims to strengthen the resilience of local administrations through:
- Automation of threat detection and response;
- Collaboration among European public entities;
- Reduced reliance on third-party providers;
- Continuous training programs;
- Compliance with European regulations such as NIS2.
Thanks to CS-AWARE NEXT, Italian municipalities can benefit from cutting-edge technologies and continuous support to counter cyber threats.
Possible Solutions: A Necessary Shift in Approach
To enhance digital security in Italian municipalities, it is necessary to:
- Provide mandatory and continuous training for administrative staff;
- Adopt clear incident response protocols and conduct regular simulations;
- Make structural investments and ensure access to dedicated funds;
- Implement advanced security technologies;
- Perform strict checks on IT service providers;
- Actively participate in European projects like CS-AWARE NEXT.
Conclusions: A Challenge to Be Won
Cybersecurity in Italian municipalities is a national priority. It is essential to bridge the gap between regulation and operational reality through an integrated approach, adequate investment, and the support of European initiatives. Only in this way will it be possible to ensure continuity, efficiency, and security in local digital public services.