It’s not just about how much money is on the field. The real point, when it comes down to it cyber security Italian SME, is how those resources are designed, made accessible and structured over time.
The public measures implemented today are completely adequate to protect the business world cyber attacks are they multiplying and becoming more sophisticated? To what extent does the State concretely accompany these productive entities in their often expensive security infrastructure investments? And most importantly: the existing tools are truly capable of dealing with the threat or threat we are fighting ransomware And phishing with a blunt weapon?
To understand how much and how public systems help businesses in this transition, Tinexta – a group specializing in digital transformation and SME growth – through the companies of the Tinexta Cyber Group and Tinexta Innovation Hub has developed a detailed map of concessionEU contributions, funding and programs available between 2025 and 2026 to improve corporate cybersecurity (see table below). Because if it’s true that part of the game is played on awareness – recognizing and avoiding unreasonable emails remains important – then it’s also true that it’s not enough: without investment in IT security (updated systems, infrastructure, professional management) the line between an attempted attack and a disaster is still very thin. The “geography of incentives”, although a turning point, nevertheless shows an incomplete picture.
Field measurements
The pin is new maximum depreciation 2026 – which is currently regulated in the Budget Bill -, which increases the amount that can be deducted for new capital goods, including software, systems and platforms to protect networks, data and systems, in accordance with annexes A and B of law 232/2016 (UU APBN 2017) on cyber. Based on the current text of the Bill, this applies to investments made in 2026 (with a possible end date of 30 June 2027) and provides decreasing increasingbut with maximum investment intensity up to 2.5 million euros. This is a step taken to progressively replace Transitions 4.0 and 5.0, and remains cumulative with other incentives commensurate with the price of the item.
In terms of direct contributions, the Mimit «Cloud & Cybersecurity» voucher stands out (2025), which provides reimbursement up to 50% of the cost for cloud services and security solutions (MFA, firewall, encryption, SIEM, backup), with amounts between 4 thousand and 40 thousand euros per company and a budget of around 150 million, aimed at SMEs and micro-enterprises.
