The new framework on NIS2 categorization in Italy introduces significant compliance obligations for entities falling within the scope of the Italian NIS2 regime. The purpose of the categorization exercise is to enable ACN to determine which additional cybersecurity measures will apply depending on the services provided by the relevant entity.
The potential classification of activities associated with ransomware cyberattacks, including ransom payments by victims, as a crime has long been an unresolved issue, also in Italy. This concern has now led Italy to introduce a groundbreaking legislative proposal aimed at enhancing cybersecurity and mitigating threats posed by digital extortionists.
