Cybersecurity: advanced security for a high-risk digital world


“Out there, the world is bad.”

 

Digital transformation is reshaping the way companies operate, collaborate, and protect their data. In this scenario, cybersecurity is no longer a technical option but a strategic pillar that determines operational continuity, resilience, and stakeholder trust.

According to the Microsoft Digital Defense Report 2025, the sectors most affected by cyberattacks include Public Administration, IT, Education, NGOs, and Critical Manufacturing, with a constant growth trend in terms of complexity and frequency of incidents.

 

Increasing threats: numbers we cannot ignore

 

The cyber landscape has shown unprecedented acceleration:

  • Phishing accounts for 36% of data breaches, with a 1,265% increase in malicious emails driven by the use of generative AI.
  • The average cost of a data breach has reached $4.88 million, while BEC (Business Email Compromise) scams caused losses of $2.77 billion in 2024 alone.
  • 68% of breaches involve human error, confirming that training and awareness are crucial factors.

Among the most widespread techniques are ransomware, social engineering, DDoS, malware, data theft, and man-in-the-middle attacks, all threats capable of impacting companies and individuals with significant operational, reputational, and psychological consequences.

Data 2025

 

OffSec, Defensive Ops, and Code Security

 

Cybersecurity is transitioning from isolated tool management to an ecosystem of Autonomous Agents, redefining the three pillars of modern security: OffSec (Offensive Ops), Defensive Ops, and Code Security.

In the OffSec domain, tools built on the Model Context Protocol (MCP), like HexStrike and Shannon, can autonomously orchestrate complex attacks and validate vulnerabilities. Defensive Ops is also evolving: today Microsoft Security Copilot, enriched with custom Agents, acts as a universal orchestrator capable of correlating signals from heterogeneous stacks to accelerate triage and response.

Finally, Code Security is shifting radically to the left thanks to GitHub Copilot and AI agents capable of rewriting insecure code before deployment.

 

 

Did you know?

Leak Sites and exposed databases: the other side of the web

 

 

Total Websites (Clear Web):

There are approximately 1.1 to 1.2 billion websites globally (although only a fraction are active daily).

 

Active Data Leak Sites:

Websites managed by hacker groups (such as ransomware groups that use them for extortion) are estimated to number in the hundreds or thousands. In 2026, the number of publicly "named" victims whose data is exposed and offered for download, at prices ranging from a few hundred euros to exorbitant amounts, is expected to exceed 7,000. This is a small percentage of the total number of websites worldwide, but one with significant repercussions.

 

Exposed Databases:

If we consider misconfigured servers (not designed for leaks but "leaking" data), the numbers rise drastically. Millions of "alerts" for exposed databases on the internet are detected annually.

 

Web servers:

It is estimated that about 3-5% of active web servers globally have at least one folder with an open directory listing that should not be public.

 

Have you ever tried running this string in Google's search bar?

intitle: "index of"

 

The results are astonishing!

 


2023 data leak targeting Live Nation/Ticketmaster

 

How to prepare: priorities for companies

 

To address the evolution of threats, organizations must adopt a structured strategy. Some essential pillars include:

 

  • Identify and assess cyber risks
  • Strengthen defenses against ransomware and identity breaches
  • Implement Zero Trust architectures
  • Monitor the software supply chain
  • Protect privileged access
  • Continuously train personnel
  • Formalize incident response plans

 

 

The AGIC model: Cybersecurity Enforcement Process

 

AGIC supports companies along an end-to-end journey to build a resilient cyber posture:

 

  1. Initial assessment – comprehensive analysis of risks, vulnerabilities, and current posture
  2. Strategy definition – policies, frameworks, KPIs, and operational priorities
  3. Implementation – technological and organizational actions
  4. Continuous controls – monitoring, alerts, reporting to ensure compliance
  5. Continuous improvement – updates, optimization, and constant training

 


 

Conclusion

 

Cyber threats no longer target only major players: every company — regardless of sector and size — is now a potential target.
AGIC positions itself as a strategic partner to guide organizations in building advanced security, regulatory compliance, and digital resilience through an integrated, modern, and data-driven approach.

 

AgicPeople

Francesco Soccolini

Francesco Soccolini has built his career on the balance between security and infrastructure innovation. In his Excellence role in Cybersecurity and Cloud Operations, Francesco guides companies through the complex journey of adopting Microsoft solutions, overseeing their architecture, governance, and observability, and also supporting infrastructure projects in both delivery and pre-sales. His strategic vision makes it possible to turn operational processes into secure, monitored ecosystems, ensuring that the move to the cloud is always accompanied by a solid security posture. His bond with technology has deep roots: his mindset took shape with the VIC20 and evolved through milestones such as the ZX Spectrum 48K, the Commodore 64, and the Amiga 500/1200. His innate love of retrogaming and retro hardware is not just a hobby but the foundation of a technical competence rooted in the very essence of computing and computer engineering. Between one cloud architecture challenge and the next, Francesco cultivates his passions for music and board games, keeping alive the mix of logic and creativity that characterizes his professional approach.