Cybersecurity and Italian critical infrastructures: the return of the state?

Abstract

Security strategies have increasingly come to include references to critical infrastructures, seen as security assets to be preserved. In the Italian case, the rise in cyberattacks against critical infrastructures has been associated with a perception of their increasing relevance as potential threats. This has led to renewed attention towards the governance model adopted in this issue area and, in particular, towards the role of private actors and public-private partnerships, the actual owners of the infrastructures, now called upon to contribute to the provision of security as a public good, but with limited capabilities and a limited interest in doing so. Looking at the Italian case, the article shows that the traditional cybersecurity governance model, involving private actors in an equal relationship with public actors, has seen a subtle and gradual shift towards an increasing strengthening of the authority of public actors (verticalization).