Image of Showreel Research Units
In this section

Rules - Research Unit on Law and Economic Studies

WHAT WE DO

 

Unit Directors: Filippo Annunziata & Oreste Pollicino

The Rules research unit aims at redefining on original foundations the relationships between law, digital technology and economics in the field of legal science. This triangle cannot be based on the mere acquisition by the legal analysis of tools developed by other sciences.
In order to be useful, this relationship must rather be seen as an equal dialogue between different research methods, conceptual and cultural traditions that keep their diversity, but that can complement each other in order to understand the main features of many areas of social regulation and digital innovation.

Building on the research conducted within DigCon (Digital Constitutionalism: Rights, Remedies, and Policy in the Algorithmic Society), funded by the Italian Science Fund (FIS21), of which Prof. Oreste Pollicino is PI, the RULES research unit, within the Baffi Research Center at Bocconi University, proposes the establishment of a Cybersecurity and AI Focus Group.

 

The adoption of the NIS2 Directive and the enforcement of the AI Act are redefining the intersection of cybersecurity, artificial intelligence, and regulation. These developments raise critical questions about cyber resilience, compliance strategies, and the governance of AI-driven risks, placing them at the core of institutional and corporate agendas.

The purpose of the focus group seeks to bridge legal, economic, and technical expertise to examine in depth the risks and the regulatory challenges, while fostering a culture of proactive security and AI governance, ensuring that cybersecurity and regulation drive innovation rather than hinder it in the evolving European digital landscape.

The focus group aims to serve as a platform for research and dialogue among:

  • Academia: ensuring legal and economic analysis of cybersecurity and AI governance;

  • Institutions: the focus team is held in collaboration with the Italian National Cybersecurity Agency (ACN), a key actor in implementing NIS2 and shaping regulatory responses to systemic vulnerabilities;

  • Businesses: navigating regulatory adaptation and integrating AI and cybersecurity frameworks into sustainable innovation strategies.

Main areas of the focus group:

  1. Security Governance and Regulation (NIS2 & AI Act)

    • Public-private coordination and enforcement mechanisms

    • Risk management and resilience frameworks

  2. AI, Cybersecurity, and Systemic Risks

    • Security and accountability in high-risk AI applications

    • AI-driven threat detection and cybersecurity-by-design models

  3. Digital Constitutionalism and Regulation

    • AI governance and the balance of power between states, corporations, and individuals

    • The role of cybersecurity in shaping digital sovereignty

    • Fundamental rights protection in AI governance

L’adozione della Direttiva NIS2 e l’applicazione dell’AI Act ridefiniscono il rapporto tra sicurezza informatica, intelligenza artificiale e regolazione, mettendo al centro dell’agenda istituzionale e aziendale la cyber resilience e le sfide regolatorie.

Nato nell’ambito del progetto DigCon finanziato dal FIS e in collaborazione con l’Agenzia per la Cybersicurezza Nazionale (ACN), il Cybersecurity and AI Focus Group del Centro Baffi dell’Università Bocconi analizza le sfide normative e i rischi sistemici, promuovendo un approccio alla sicurezza che integri protezione, innovazione e governance responsabile dell’IA.