Digital security is undergoing a profound transformation, driven by the convergence of disruptive innovations.

The impact of Quantum Computing, the relentless evolution of Artificial Intelligence (AI), and the widespread diffusion of the Internet of Things (IoT) are completely redefining the rules of cybersecurity.

This is a critical moment: progress offers extraordinary opportunities to strengthen security but also provides attackers with previously unknown tools, making the adoption of proactive and innovative defense strategies indispensable.

The seriousness of the situation is confirmed by Italian institutional data: according to the National Cybersecurity Agency (ACN), the first half of 2025 recorded a +53% increase in cyber events compared to the previous year, with a +98% increase in incidents with confirmed impact. This underscores the urgency of investing in superior technological defense.

The rise of quantum computing and its new challenges

The most revolutionary element for long-term cybersecurity is the advancement of Quantum Computing.

The creation of a sufficiently stable and powerful quantum computer is expected to render most modern cryptographic systems ineffective.

Currently, our digital security relies on complex mathematical algorithms that would take classical computers thousands of years to crack. A quantum computer, leveraging the laws of quantum physics, could perform this work in just moments.

This means that sensitive data, private communications, and protected financial transactions could be compromised in the near future. For this reason, a true global race has begun to develop and implement Post-Quantum Cryptography (PQC)- a set of algorithms designed to remain secure even in the presence of operational quantum machines.

This transition is seen as the only guarantee for the future.

AI: between intelligent defense and autonomous attack

Artificial Intelligence is the dynamic core of this transformation, acting simultaneously as a valuable ally and a formidable adversary.

On the defensive side, AI-based systems have become indispensable for cybersecurity. AI has the ability to:

• Analyze and make sense of vast amounts of security data that exceed human capacity;

• Identify user and network behavior anomalies in real time;

• Automate incident response, reducing reaction times from hours or days to mere minutes.

This transforms cybersecurity from reactive to proactive and predictive.

However, the most critical evolution concerns Agentic AI- autonomous software programs capable of acting, making decisions, and interacting with complex systems without constant human supervision.

When deployed by attackers, these autonomous agents can:

• Identify and exploit chained vulnerabilities faster than any human response capability;

• Modify their malicious payloads in real time to evade security controls;

• Orchestrate extremely convincing phishing attacks using advanced language models.

This scenario shifts the cybersecurity focus: defense can no longer rely solely on perimeter protection (“the wall”) but must extend to the continuous verification of every user’s and device’s behavior and identity within the network.

The multiplication of weak points with IoT

The Internet of Things represents the physical multiplier of the risks introduced by Agentic AI.

The number of connected devices – from industrial equipment (IIoT) to simple sensors – has made the attack surface for companies and end users enormous. Many IoT devices are designed without adequate cybersecurity measures, prioritizing functionality and time-to-market.

The combination of IoT proliferation and Agentic AI autonomy creates an extremely dangerous attack channel.

An AI agent can easily exploit the security weakness of a simple sensor to gain a foothold and move laterally across a network, targeting more critical enterprise systems.

The risk is no longer limited to data theft but extends to the direct compromise of physical infrastructures, especially critical ones.

To ensure effective cybersecurity, it is urgent to establish uniform and updatable security standards for all connected devices—from factory systems to home environments.

The pillars of the new defense: zero trust and protection-in-use

To confront these complex and interconnected threats, organizations are rapidly adopting two fundamental defensive strategies: Zero Trust architecture and Confidential Computing.

The Zero Trust model is based on a simple but radical concept: “Never trust anyone, not even those inside your network.”

It requires continuous verification of every access and every transaction, regardless of where the user or device is located. This translates into:

• Dynamic verification: Authentication is not a one-time event at login but a continuous process that adapts control levels to the potential risk of each action;

• Principle of least privilege: Strictly limiting access permissions only to what is strictly necessary for a given task;

• Micro-segmentation: Isolating individual network portions to immediately contain and restrict any breach.

In addition, Confidential Computing is emerging as the strongest solution to protect data in their “in-use” state (during processing). This technology relies on secure, hardware-based Trusted Execution Environments (TEEs) to prevent even server administrators (such as Cloud providers) or attackers with OS-level access from viewing data in plain text.

Toward an intrinsically secure future

The future of cybersecurity will be defined by our ability to leverage Artificial Intelligence to create responses that match the complexity of emerging threats.

The real opportunity lies not only in blocking attacks but in building cybersecurity systems that are inherently resilient and proactive by design.

Making systems resistant to Quantum Computing, adopting AI-driven defense through Agentic AI, and embedding security-by-design principles into IoT are no longer optional—they are minimum requirements.

The ultimate challenge will be to ensure that the ethical and responsible application of Agentic AI leads to a digital world that is not only faster and more connected but also intrinsically more secure, where trust is never taken for granted.