Why Moody’s is calling time on the traditional firewall
When a global credit rating agency starts making bold predictions about cybersecurity infrastructure, business leaders should pay attention. Moody’s has signalled that the traditional perimeter firewall — the cornerstone of corporate network security for over three decades — is reaching the end of its useful life. For European SMBs, and Italian businesses in particular, this is not just a technical footnote. It is a strategic warning.
The logic is straightforward. Modern businesses no longer operate within a single, well-defined network perimeter. Employees work remotely, applications run in the cloud, and supply chains depend on dozens of interconnected digital platforms. A firewall sitting at the edge of an office network simply cannot protect what it cannot see.
According to Gartner, by 2025 more than 80% of enterprise workloads had moved to cloud environments. For Italian SMBs — many of which accelerated their digital transformation during and after the pandemic — this shift has been dramatic but often unplanned. The security architecture, however, has not always kept pace.
What the “end of the firewall” actually means
To be clear, Moody’s is not suggesting that firewalls will disappear overnight. The prediction is about relevance. Traditional firewalls were designed for a world where corporate data lived inside a building and threats came from outside. That world no longer exists for most organisations.
Today’s attack surface is distributed. An employee accessing a SaaS application from a home network in Milan, a contractor connecting from a co-working space in Berlin, a branch office in Naples using a local internet breakout — none of these scenarios fit the old model of routing all traffic through a central firewall for inspection.
The numbers support this shift. IBM’s Cost of a Data Breach Report 2024 found that the average cost of a breach reached $4.88 million globally, with organisations using outdated security architectures taking significantly longer to identify and contain incidents. For SMBs operating on tighter margins, even a fraction of that figure can be existential.
The Italian and EU context
Italian businesses face a particular set of pressures. The NIS2 Directive, which came into full effect across EU member states, has expanded the scope of mandatory cybersecurity requirements to cover a much wider range of sectors and company sizes. Many Italian SMBs that previously fell outside regulatory obligations now find themselves subject to strict incident reporting, risk management, and supply chain security requirements.
At the same time, Italy’s cybersecurity agency ACN (Agenzia per la Cybersicurezza Nazionale) has been actively pushing for stronger cyber resilience across the national business fabric. The Clusit 2024 report documented a 65% increase in cyber attacks targeting Italian organisations compared to the global average, with SMBs increasingly in the crosshairs.
Relying solely on a perimeter firewall in this environment is not just technically insufficient — it is a compliance risk.
SASE and Zero Trust: the practical alternatives
Two frameworks have emerged as the primary successors to traditional perimeter security: SASE (Secure Access Service Edge) and Zero Trust Architecture. Understanding what they mean in practice, rather than as marketing buzzwords, is essential for any business leader planning their security roadmap.
Zero Trust: never assume, always verify
Zero Trust operates on a simple principle — no user, device, or application should be trusted by default, regardless of whether they are inside or outside the corporate network. Every access request is verified based on identity, device health, location, and behaviour patterns.
For an Italian SMB, this might look like requiring multi-factor authentication for every cloud application, segmenting the internal network so that a compromised endpoint cannot move laterally, and continuously monitoring user behaviour for anomalies. None of this requires a massive budget. Many cloud providers and security vendors now offer Zero Trust capabilities that scale to smaller organisations.
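The per-request decision described above, sketched as an added example (not from the article or any vendor product): each request is judged on identity, device health, location and behaviour, and being on the office LAN grants nothing. The role map, country list, risk threshold and field names are assumptions made for illustration.

```python
from dataclasses import dataclass

# Hypothetical least-privilege map: role -> applications that role may reach.
ROLE_APPS = {"finance": {"erp", "payroll"}, "sales": {"crm"}}
ALLOWED_COUNTRIES = {"IT", "DE"}  # constructed sample policy
MAX_RISK = 0.7                    # assumed behaviour-anomaly scale, 0.0 to 1.0

@dataclass
class AccessRequest:
    user: str
    role: str
    app: str
    mfa_passed: bool
    device_compliant: bool  # e.g. patched, disk encrypted, endpoint agent running
    country: str
    risk_score: float       # supplied by behaviour monitoring
    on_corporate_lan: bool  # recorded for audit, never used to grant trust

def evaluate(req: AccessRequest) -> tuple[str, list[str]]:
    """Return ("allow" | "step_up" | "deny", reasons); nothing is trusted by default."""
    reasons = []
    # Hard failures: no amount of re-authentication fixes these.
    if req.app not in ROLE_APPS.get(req.role, set()):
        reasons.append("app outside role's least-privilege set")
    if not req.device_compliant:
        reasons.append("device failed health check")
    if req.risk_score > MAX_RISK:
        reasons.append("behaviour risk above threshold")
    if reasons:
        return "deny", reasons
    # Recoverable gaps: require fresh, stronger proof of identity.
    if not req.mfa_passed:
        reasons.append("MFA required")
    if req.country not in ALLOWED_COUNTRIES:
        reasons.append("unusual location, re-authenticate")
    if reasons:
        return "step_up", reasons
    return "allow", ["all checks passed"]

# Constructed sample requests.
OFFICE_NO_MFA = AccessRequest("anna", "finance", "erp", False, True, "IT", 0.1, True)
REMOTE_OK = AccessRequest("luca", "sales", "crm", True, True, "IT", 0.2, False)
LATERAL = AccessRequest("luca", "sales", "payroll", True, True, "IT", 0.2, True)
```

`evaluate(OFFICE_NO_MFA)` returns a step-up even though the request comes from inside the office network, which is the behavioural difference from a perimeter model.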
SASE: security delivered from the cloud
SASE combines network functions (like SD-WAN) with cloud-native security services (like secure web gateways, cloud access security brokers, and firewall-as-a-service) into a single, unified platform delivered from the cloud. Instead of backhauling traffic to a central data centre for inspection, security is applied at the edge, closer to where users and data actually are.
For businesses with distributed workforces or multiple locations — common among Italian SMBs with regional offices — SASE reduces complexity while improving both performance and security posture. Gartner has estimated that by 2027, over 50% of organisations will have adopted SASE, up from less than 15% in 2023.
What Italian CISOs and IT managers should do now
The transition away from firewall-centric security does not need to happen in a single leap. A pragmatic approach works best for resource-constrained organisations.
Audit your current architecture. Map where your data actually lives, how users access it, and which assets are exposed to the internet. Many Italian SMBs discover that their actual attack surface is far larger than their firewall covers.
Adopt Zero Trust principles incrementally. Start with identity. Enforce multi-factor authentication everywhere. Implement least-privilege access policies. These steps alone significantly reduce risk and are achievable without major infrastructure investment.
Evaluate SASE for distributed environments. If your employees work remotely or your business operates across multiple sites, a SASE approach can consolidate security and networking while reducing the burden on internal IT teams.
Align with NIS2 and national requirements. Use the regulatory framework as a roadmap, not just a compliance checkbox. The requirements under NIS2 — risk assessments, incident response planning, supply chain security — naturally push organisations toward modern security architectures.
Engage your supply chain. Italian businesses are deeply interconnected through supply chains, particularly in manufacturing, fashion, and food sectors. Your security posture is only as strong as your weakest partner.
The bottom line for European SMBs
Moody’s warning is not about selling new technology. It is about recognising a structural shift in how businesses operate and how threats have evolved. The perimeter firewall served its purpose well for decades, but the perimeter itself has dissolved.
For Italian and European SMBs navigating NIS2 compliance, rising cyber threats, and increasingly distributed operations, the move toward Zero Trust and SASE is not optional — it is the natural next step. The good news is that these approaches are more accessible than ever, with cloud-delivered options that fit SMB budgets and complexity levels.
The businesses that act now will be better protected, better positioned for compliance, and better prepared for whatever comes next.