National Strategy on the Resilience of Critical Entities

The National Strategy on the Resilience of Critical Entities is aimed at public and private entities providing essential services which, if disrupted, would significantly impact the maintenance of vital societal functions, economic activities, public health and safety, or the environment.

These entities are identified as the operators of critical infrastructure - comprising the networks, facilities, systems or devices indispensable for service continuity - which must be protected and made resilient against physical events that could jeopardise their operation.

Drafted pursuant to Article 6 of Legislative Decree No. 134 of 4 September 2024, which transposes Directive (EU) 2022/2557 of the European Parliament and of the Council of 14 December 2022 on the resilience of critical entities (also known as the "CER - Critical Entities Resilience - Directive") into Italian law, the Strategy seeks to enhance the prevention, response and recovery capacities of critical entities, especially by protecting the infrastructure required to ensure the operational continuity of essential services in the event of physical incidents.

While focused on physical risk, within the scope of the CER Directive, the Strategy recognises that widespread disruption or damage, in the current landscape, often stems from hybrid campaigns - hostile threats or actions designed to undermine infrastructure, essential services, and decision-making processes. Alongside the National Cybersecurity Strategy, this Strategy forms part of a broader proactive European effort to tackle systemic vulnerabilities with determination during unpredictable times.