The second edition of Cybsec-Expo recently concluded in Italy, with the organisers hailing the show a success, and also sharing a list of key cyber security insights as a takeaway from the event.
Cybsec-Expo offered a clear view of the pressing cyber security challenges faced today, as well as a glimpse into the future of digital defence. According to the organisers, Mediapoint & Exhibitions, with global cyber attacks up 44% in the last year, this year’s show carried a strong message: organisations must invest in awareness, training, and cross-sector resilience. Co-located with Hydrogen Expo and the inaugural Nuclear Power Expo, the event addressed everything from deepfakes and OT (operational technology) vulnerabilities to national preparedness and digital trust.
Here are some of the key takeaways from this year’s show as compiled by the organisers:
1. AI is becoming the enemy – and the ally
Artificial intelligence (AI) is accelerating both cyber attacks and defences. According to 41% of surveyed exhibitors, AI-powered threats such as hyper-realistic phishing and deepfake content represent the most significant emerging danger over the next 12–18 months. Best practice sharing network Cyber Security Angels warned that within a year, deepfakes will be virtually indistinguishable from real communications.
It’s not all doom and gloom, however. Companies such as Cylock are meeting fire with fire, deploying AI-trained models – including ones built using real hacker data – to enhance vulnerability assessments and threat detection. This means that AI literacy is now an absolute must.
2. People are the weakest link
While threats are becoming more sophisticated, attackers are still cashing in on human error. Cyber Sphere explained that among the millions of phishing attacks launched, hackers count on 10% getting through – simply because someone will fall for them.
82% of the Cysec exhibitors surveyed believe European organisations aren’t giving cyber security the priority it deserves. Moreover, when asked what would make the biggest difference in the future, the top answer wasn’t zero-trust frameworks or AI — it was better awareness and human factors training. Sometimes, the simplest solutions are the most effective.
3. Supply chains are an overlooked entry point
Several exhibitors named supply chain vulnerabilities as the top cyber threat for the year ahead – and with good reason. Gartner predicts that by the end of 2025, 45% of companies will suffer cyber damage via third-party suppliers.
Novasystem, for example, was keen to highlight updates to its Sling platform, which now includes tools for assessing suppliers’ cybersecurity compliance. Meanwhile, multiple conference sessions focused specifically on strategies to bolster supply chain cyber resilience. They discussed how, in a landscape shaped by the NIS2 directive, third-party security must become a standard procurement concern, not a box-ticking exercise.
4. Don’t just rely on one cyber security partner
Naquadria warned that relying on a single IT provider to cover all cyber needs is a risky move, as mistakes happen and vulnerabilities often arise from incorrect configuration of security systems. The best approach? Split responsibilities and bring in multiple specialist providers to cross-check each other’s work. This isn’t about doubling your budget – it’s about independent verification and benefiting from external expertise that evolves with the threat landscape.
5. OT is the next big battleground – especially in energy
As organisations strengthen their IT defences, cyber criminals are increasingly shifting focus to OT. With 27% of surveyed exhibitors citing OT/IoT as the next biggest threat, industries need to up their game. Energy is particularly at risk. 46% of exhibitors said that hydrogen and nuclear sectors are more vulnerable than others due to their additional OT challenges. Conference sessions led by the Italian Police and G.I.S.I (Italian Instrumentation Association) sought to address the risks and help participation take control of the situation.
6. Critical sectors still take full awareness
At the co-located Hydrogen Expo, the gap in awareness was striking. While Nuclear Power Expo exhibitors largely acknowledged the cyber risk, a significant proportion of hydrogen sector representatives didn’t see cyber crime as a major threat – or weren’t sure. As hydrogen infrastructure scales, any gaps in awareness, training, or OT protection could open the door to serious disruption not only to energy provision but also to employee and public safety. Cyber security can’t be an afterthought – it has to be embedded into hydrogen infrastructure from the start.
According to the organisers, Cybsec is growing into more than just a cyber security event – it’s a hub for cross-sector collaboration. Whether an individual is involved in energy, logistics, healthcare, or manufacturing, cyber security is now central to operational resilience. Covering everything from ransomware to supply chain compliance and OT defence, the show is carving out a vital space on the European calendar for professionals who want to stay ahead of evolving threats.
