{"id":272199,"date":"2026-03-17T10:15:43","date_gmt":"2026-03-17T09:15:43","guid":{"rendered":"https:\/\/www.hwgsababa.com\/?p=272199"},"modified":"2026-03-17T10:18:00","modified_gmt":"2026-03-17T09:18:00","slug":"clusit-2026-report","status":"publish","type":"post","link":"https:\/\/www.hwgsababa.com\/en\/clusit-2026-report\/","title":{"rendered":"Clusit 2026 Report &#8211; Industrial Cybersecurity: Regulation Is Driving Assessments, But Much Work Remains To Be Done"},"content":{"rendered":"<div class=\"wpb-content-wrapper\">[vc_row el_class=&#8221;margin_top_30&#8243;][vc_column][vc_column_text el_class=&#8221;paragrafo&#8221;]\n<h3><em><strong>HWG SABABA\u2019S CONTRIBUTION TO THE CLUSIT 2026 REPORT<\/strong><\/em><\/h3>\n<ul>\n<li><strong><em>Only 20% of organizations directly managing industrial plants have structured OT incident management plans, and only 5% conduct regular testing<\/em><\/strong><\/li>\n<li><strong><em>Only 10% of companies have formally defined roles and responsibilities for OT cybersecurity<\/em><\/strong><\/li>\n<\/ul>\n<p><strong>Milan, March 17, 2026<\/strong> \u2013 Once again this year, <strong>HWG Sababa<\/strong> \u2013 an Italian company providing managed services, strategic solutions, and cybersecurity consulting \u2013 is among the main contributors to the <strong>Clusit 2026 Report<\/strong>, the leading study on cybercrime in Italy and worldwide.<\/p>\n<p>Presented today during the <strong>Security Summit in Milan<\/strong>, the Clusit 2026 Report includes an analysis conducted by HWG Sababa on the state of cybersecurity in <strong>industrial automation and control systems in Italy<\/strong>. The analysis highlights how the main critical issues are not exclusively linked to technological aspects, but often stem from shortcomings in cybersecurity governance models, the definition of roles and responsibilities, risk management processes, and the lack of integration between IT and OT security.<\/p>\n<p>Indeed, the entry into force of the <strong>NIS2 Directive<\/strong>, the <strong>Cyber Resilience Act<\/strong>, the <strong>Machinery Regulation<\/strong>, and the <strong>Data Act<\/strong> \u2013 introducing increasingly stringent obligations \u2013 has raised awareness among industry operators of the need to carry out assessments related to cyber risk management in their industrial systems. However, the issues identified require new approaches to security and additional investments.<\/p>\n<p><strong>Roberto Caviglia, CTO of <a href=\"https:\/\/y-cyber.com\/\" rel=\"noopener\">Y Cyber<\/a> \u2013 HWG Sababa\u2019s Business Unit dedicated to OT security \u2013 commented:<\/strong><br \/>\n\u201cThe results of our analysis clearly show that it is necessary to accelerate the maturity journey of cybersecurity in industrial environments. This means investing more systematically in the protection of assets and adopting security processes throughout their entire lifecycle. To address an increasingly complex threat landscape and the new European regulatory requirements, organizations must adopt an integrated approach to OT security that combines governance, expertise, and technological controls to strengthen operational resilience and reduce exposure to cyber risks.\u201d<\/p>\n<p>Based on data collected between <strong>October 2024 and October 2025<\/strong> through <strong>gap analysis and risk assessment activities<\/strong> carried out on companies operating across the industrial supply chain \u2013 including <strong>asset owners<\/strong> (organizations that directly manage industrial plants), <strong>system integrators<\/strong>, and <strong>technology manufacturers<\/strong> \u2013 HWG Sababa identified the most recurring and systemic vulnerabilities characterizing modern OT environments.<\/p>\n<p>From HWG Sababa\u2019s observatory, it also emerges that the companies most engaged in cybersecurity assessment activities belong to the <strong>Energy sector (35% of analyzed cases)<\/strong>, followed by <strong>logistics and transportation (21%)<\/strong> and <strong>manufacturing (17%)<\/strong>. This trend reflects the obligation for these sectors to comply with the evolving regulatory framework introduced by the European Union.<\/p>\n<p>Despite the growing attention to the topic, the analysis shows that the <strong>cyber maturity of OT environments remains limited<\/strong>. More than <strong>50% of organizations<\/strong> have introduced a separation between IT and OT networks; however, in most cases there is no full segmentation, resulting in potential risks for industrial network security.<\/p>\n<p>Critical gaps also emerge at the <strong>organizational level<\/strong>, in terms of resources and processes: just over <strong>10% of companies<\/strong> have formally defined roles and responsibilities for OT cybersecurity, and a similar percentage manages cyber risk through structured processes.<\/p>\n<p>Finally, <strong>incident response capabilities remain limited<\/strong>: only <strong>20% of asset owners<\/strong> have an incident response plan specifically designed for OT environments, and just <strong>5%<\/strong> conduct regular testing.<\/p>\n<p>For more information,<a href=\"https:\/\/clusit.it\/rapporto-clusit\/\" rel=\"noopener\"> the full <strong>CLUSIT 2026<\/strong> <strong>Report<\/strong> is available here.<\/a><\/p>\n<p>&nbsp;<\/p>\n<h3><strong>HWG Sababa<\/strong><\/h3>\n<p>HWG Sababa is a full-service provider headquartered in Italy, specializing in cybersecurity across IT,\u202fOT\u202fand IoT domains. Through an end-to-end approach, the company delivers advanced services across three strategic areas:\u202fHyperSOC\u2122, Audit, Offensive &amp; Governance, and Security Implementation &amp; Management. With 90% of revenues generated in Italy and 10% across Europe, the Middle\u202fEast\u202fand Central Asia, HWG Sababa has experienced significant organic growth between 2022 and 2025, further strengthened by targeted M&amp;A initiatives aimed at expanding technical\u202fexpertise\u202fand enhancing geographic proximity to clients. The company primarily serves medium and large Italian enterprises\u202foperating\u202fin highly industrialized and regulated sectors with mission-critical infrastructures.<\/p>\n<p>HWG Sababa has offices in Verona, Milan, Genoa, Florence, Rome, Bergamo, Bari,\u202fTashkent, Vilnius,\u202fDubai\u202fand Madrid.<\/p>\n<p><a href=\"http:\/\/www.hwgsababa.com\/en\/\">www.hwgsababa.com<\/a><\/p>\n<p>&nbsp;<\/p>\n<p><strong><u>Media Relations\u00a0HWG Sababa<\/u><\/strong><\/p>\n<p><strong>Barabino &amp; Partners\u00a0<\/strong><\/p>\n<p>Office: +39 02\/72.02.35.35<\/p>\n<p>Stefania Bassi \u2013 s.bassi@barabino.it 335 62 82 667<\/p>\n<p>Linda Basilico \u2013 l.basilico@barabino.it 334 67 08 127<\/p>\n<p>Elena Magni \u2013 e.magni@barabino.it 348 478 74 90[\/vc_column_text]<style> style=\"height:50px;\"<\/style><div class=\"vcex-spacing wpex-w-100 wpex-clear\" style=\"height:50px;\"><\/div>[\/vc_column][\/vc_row]\n<\/div>","protected":false},"excerpt":{"rendered":"<p>[vc_row el_class=&#8221;margin_top_30&#8243;][vc_column][vc_column_text el_class=&#8221;paragrafo&#8221;] HWG SABABA\u2019S CONTRIBUTION TO THE CLUSIT 2026 REPORT Only 20% of organizations directly managing industrial plants have structured OT incident management plans, and only 5% conduct regular testing Only 10% of companies have formally defined roles and responsibilities for OT cybersecurity Milan, March 17, 2026 \u2013 Once again this year, HWG Sababa&hellip;<\/p>\n","protected":false},"author":10,"featured_media":272202,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[69,32],"tags":[],"post_series":[],"class_list":["post-272199","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-press-en-3","category-press-en","entry","has-media"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.hwgsababa.com\/en\/wp-json\/wp\/v2\/posts\/272199","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.hwgsababa.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.hwgsababa.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.hwgsababa.com\/en\/wp-json\/wp\/v2\/users\/10"}],"replies":[{"embeddable":true,"href":"https:\/\/www.hwgsababa.com\/en\/wp-json\/wp\/v2\/comments?post=272199"}],"version-history":[{"count":4,"href":"https:\/\/www.hwgsababa.com\/en\/wp-json\/wp\/v2\/posts\/272199\/revisions"}],"predecessor-version":[{"id":272208,"href":"https:\/\/www.hwgsababa.com\/en\/wp-json\/wp\/v2\/posts\/272199\/revisions\/272208"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.hwgsababa.com\/en\/wp-json\/wp\/v2\/media\/272202"}],"wp:attachment":[{"href":"https:\/\/www.hwgsababa.com\/en\/wp-json\/wp\/v2\/media?parent=272199"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.hwgsababa.com\/en\/wp-json\/wp\/v2\/categories?post=272199"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.hwgsababa.com\/en\/wp-json\/wp\/v2\/tags?post=272199"},{"taxonomy":"post_series","embeddable":true,"href":"https:\/\/www.hwgsababa.com\/en\/wp-json\/wp\/v2\/post_series?post=272199"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}