ROME – Prefect Bruno Frattasi has today, May 21, 2026, submitted his resignation as Director General of the National Cybersecurity Agency (ACN). The decision, officially made for "personal reasons," opens a delicate transition phase for the governance of Italy's digital defense.
Tomorrow evening's Council of Ministers will be called to deliberate on the successor: in pole position to inherit the role is Andrea Quacivi, former CEO of Sogei, a choice that would mark a clear shift towards a distinctly technical and managerial profile.

The roots of an announced departure: tensions of recent months
Although the news bounced like a sudden agency release, the trajectory that led to Frattasi's exit unfolded over months of intense political and institutional pressure. Already in the spring of last year, speaking to Il Foglio, the Prefect had admitted the precarious state of his leadership with clear words: “I have broad shoulders, I don't know if I'm paying for underground wars... I'm not a computer scientist, my mandate is at disposal”.
Two hot fronts that emerged strongly in recent months ultimately strained relations with the executive:
- The Uffizi and La Sapienza cases: The hacker attacks that hit the Uffizi Gallery in Florence and the University of La Sapienza in Rome at the beginning of 2026 reignited the spotlight on the vulnerability of the Public Administration, exposing the ACN to severe criticism regarding the timeliness and stance of preventive defense.
- Personnel management: In the specialized press and Parliament, discontent had grown over an alleged excessive "bureaucratization" of Via di Fontana Rotonda. The main accusation concerned the preference for administrative profiles from the Ministry of the Interior at the expense of engineers, computer scientists, and frontline operational experts.

The "military front" and the fragmentation of competencies
A decisive weight in accelerating the crisis at the top of the ACN came precisely from the Defense circles. In the months leading up to Frattasi's departure, the debate on managing hybrid threats in cyberspace had become heated.
Defense Minister Guido Crosetto had openly intervened, denouncing the weaknesses of the current security architecture: “This won't do. There is a lack of common governance to manage this sector so delicate for Italy”. Under the scrutiny of the Parliamentary Commission was the so-called "fragmentation of competencies", a fragmented setup that today sees the Defense, Interior, Secret Services, and Foreign Ministry channels overlapping and sometimes hindering each other.
The dualism between ACN and military structures
If the memorandum of understanding signed in 2025 between the Defense General Staff and the ACN had tried to build an institutional bridge, the doctrinal issues remained unresolved:
- Civilian vs. operational approach: Military and strategic defense circles pushed for a more pronounced centrality of operational structures, such as the Network Operations Command (COR) of the Defense, deemed more suitable to respond to state cyber threats (with particular reference to pro-Russian and pro-Iranian collectives) compared to an agency with a distinctly civilian drive.
- Hybrid warfare: Managing the fifth domain of conflict (cyber) requires a streamlined command chain integrated with NATO requirements, a field where the bureaucratic vision of the former Prefect encountered strong resistance within the State's military apparatus.

Urgent challenges for the new leadership
Whoever will sit at the top of Via di Fontana Rotonda – with Andrea Quacivi in pole position – will immediately need to mend relations with the Defense and Intelligence sector, complete the implementation of the European directive NIS2, and unlock the effectiveness of the PNRR funds allocated for the resilience of national critical infrastructures. National cyber protection, in a context of global instability, can no longer afford asymmetries between those who write the rules and those who defend the country's digital borders.
Comments
No comments yet. Be the first!