Cybersecurity Update – Week 22 of 2025

Article Thumbnail
cybersecurity | AI | threat intelligence | compliance | NIS2 | ACN | cloud security | ransomware | incident response | cyber risk | Italy | DORA | APT | governance | IoT

Cybersecurity Update – Week 22 of 2025

May 29, 2025

Over the past week, Italy and the European cybersecurity landscape have seen significant developments. From the increase in DDoS and ransomware attacks to regulatory and strategic news, the sector continues to evolve rapidly. Below is an updated summary of emerging trends, main risks, and ongoing initiatives.

Rising cyber attacks: focus on ransomware and DDoS

In the first quarter of 2025, Italy recorded a peak in serious attacks: +54% compared to the previous year. Particularly significant were DDoS attacks, which affected both public and private sectors (+200% compared to 2024), and ransomware attacks, up 64%. Among the most critical cases was the attack on the City of Pisa by the NOVA group, with exfiltration of 2 TB of data. For comprehensive ransomware defense strategies, check our complete guide.

Emerging threats: Generative AI, APT, and new attack surfaces

According to ACN, 40% of successful attacks involved generative AI techniques to improve the effectiveness of phishing, deepfake, and social engineering. Ransomware-as-a-service fragmentation is growing, while attacks by state-sponsored APT groups are multiplying, particularly targeting digital infrastructure, energy, and telecommunications. Discover how Aegister can help protect your organization from these advanced threats.

Evolving regulations: NIS2 and DORA in focus

Italy continues implementing the NIS 2 Directive, with ACN sending PEC emails to obligated entities and publishing minimum technical specifications for cybersecurity and incident notification. For a detailed guide on NIS2 compliance, check our dedicated insight.

GRC and corporate responsibility: attention to boards

According to the WTW Directors & Officers 2025 survey, 70% of Italian executives consider cyber risk as the main threat. Attention to governance and training is strengthening, with increasing integration of cybersecurity into 231 models, ESG plans, and Enterprise Risk Management frameworks. Learn how our Virtual CISO service can support your organization.

Strategic initiatives and European cooperation

In Italy, ACN and DTD promote cyber training for SMEs and public administration. At the European level, implementation of the Cyber Solidarity Act advances with the development of pan-European SOCs and rapid response task forces. In parallel, NATO exercises such as Locked Shields 2025 also involve Italy, demonstrating the value of international cooperation. For more on collective defense strategies, read the april report.

Support for compliance and resilience

Aegister supports organizations in adapting to this evolving scenario through Virtual CISO services, NIS2 compliance solutions, and advanced threat intelligence. To discover how we can help strengthen your cybersecurity, visit our solutions page.

Share this post