Authors: Stefano Armenia, Alessandro Cardazzone, Camillo Carlini
In this paper we deal with the analysis of the Italian Presidential Decree on CyberSecurity (January 2013). Reading it, we had the impression that, again, policy makers lack systemic skills and the ability to evaluate the impacts of their choices and assumptions before implementing their decisions. The Italian Cyber Security Act (DL.2013) establishes, in case of cyberthreat to national security, to activate the Inter- Ministerial Committee for the Security of the Republic (CISR), which should take decisions in a timely and effective manner. In this paper, we won?t argue about the effectiveness of such board, which would have to be discussed by analysing both the specific competences brought to the Board by the various official stakeholders and by the processes put in place in order to favour the work carried out by such Board, rather we will discuss the inherent delays in the system ultimately made even worse by the need to activate such Board for certain critical decisions.