How to Overcome Digital Fragility

Fondazione Bruno Kessler, PagoPA, the Italian State Mint and Printing Institute, Synapsed, and the Lisi Law Firm addressed the topic of digital infrastructure fragility in a session titled “Fragility of Digital Infrastructure: What Can Be Done? Opportunities and Challenges.” at the 20th edition of the Festival of Economics. The event was moderated by Filomena Greco, journalist for Il Sole 24 Ore.

“The goal of the Autonomous Province of Trento is to create an efficient, integrated, and interoperable digital administrative ecosystem,” stated Achille Spinelli, Trento Province Vice President and Councillor for Economic Development, Labor, Family, University, and Research. “We have already launched several projects supported by European programming funds and the National Recovery and Resilience Plan (PNRR).  We value simplification and speed.  We also strongly support key local initiatives, such as the University of Trento and Fondazione Bruno Kessler’s infrastructure project—a true ‘data mine’—that will enhance data security while expanding computational capacity and research opportunities.”

The opening address was delivered by Roberto Viola, Director General of DG CONNECT (Directorate-General for Communications Networks, Content and Technology) of the European Commission: “Emerging technologies like cloud-edge computing, AI, and 5G and 6G offer vast opportunities but also pose significant cybersecurity challenges. EU investments and regulations on secure supply chains, trusted vendors, product certification, and critical infrastructure protection pave the way for a safe technological future.”

Public digital infrastructures—like PagoPA’s payment system or the IO app—are used daily by millions of citizens and thousands of public entities. At the core of these ecosystems is a strategic vision focused on interoperability, solution modularity, usability, and above all, security. Maurizio Fatarella, Director General of PagoPA, presented a new tool: the IT-Wallet, Italy’s digital wallet. Designed not just to simplify access to services but also to strengthen digital identity and data protection, the IT-Wallet offers clear benefits in terms of security and privacy.

The Italian State Mint and Printing Institute (IPZS) also manages critical digital services and is working on the new digital identity platform, aiming for interoperable security and citizen-centric design. Andrea De Maria, Innovation Manager at IPZS, explained that their role in the IT-Wallet project includes creating and managing components that ensure security, reliability, and compatibility with existing infrastructure—empowering citizens with greater control over their digital identity.

Behind these systems lies extensive technical and scientific research, as carried out by the Center for Cybersecurity at Fondazione Bruno Kessler.  Its director, Silvio Ranise, a Full Professor at the University of Trento, highlighted key vulnerabilities of today’s increasingly interconnected and pervasive digital ecosystems. “Making these systems reliable requires coordinated work on three fronts: digital identity, data protection, and AI trustworthiness.” On digital identity, a “zero trust” approach is essential—every access request, whether from a user or system, must be explicitly verified. The issuance of digital credentials—such as those used in European Digital Identity Wallets—represents a critical security risk and must be safeguarded by robust cryptographic protections. It is also necessary to balance ease of use and security by implementing measures that make these services resilient.  And finally, the data protection work to ensure transparency and accuracy of the results.

“Fondazione Bruno Kessler,” Ranise concluded, “has established a joint cybersecurity lab to enhance the practical impact of our research, strengthen our own security posture, and support compliance with the European NIS2 directive, helping organizations in Trentino and beyond.”

Representing the business perspective in the AI security sector, Matteo Meucci, CEO of Synapsed, shared results from a recent study on ten generative AI models, all of which were found vulnerable to various attack types. Meucci emphasized that despite its promise, AI requires a rigorous operational framework in which organizations can actively test, monitor, and update their systems.

The legal and regulatory aspect was addressed by lawyer Andrea Lisi, who focused on the legal and political implications of digital infrastructure management—especially when entrusted to external, often non-European providers. Lisi warned against excessive regulatory fragmentation and called for a return to fundamentals: placing data at the center—not just as a technical resource, but as a political and cultural asset. This requires continuous education, digital literacy for citizens, and the emergence of new professionals capable of integrating law, ethics, technology, and governance.

Overcoming digital infrastructure fragility is possible through a collective effort that brings together technical expertise, regulatory capacity, strategic vision, and social awareness within a shared governance framework.

Speakers: Roberto Viola – Director General of DG CONNECT, European Commission; Achille Spinelli – Trento Province Vice President and Councillor for Economic Development, Labor, Family, University, and Research