
Matteo Lucchetti: “The human factor is in more than 80% of the cases the initial channel through which the attack breaks into the target”

Mini-interviews with EU CyberNet experts. Matteo Lucchetti has been part of the Expert Pool for 3 years and has contributed to the work of EU CyberNet.

EU CyberNet is an EU-funded cyber capacity building project aimed at establishing a pan-European expert network to help solve cybersecurity challenges around the world. Cybersecurity experts are the core of EU CyberNet and instrumental to the objective of building and promoting the model of an open, free, secure and stable cyberspace. The growing EU Cyber Experts Pool consists of almost 400 experts so far, covering topics such as cybersecurity, cybercrime, cyber diplomacy, cyber defense, AI, etc. It connects to a wider pan-European Stakeholder Community to assess partner countries’ needs, organise trainings and offer our experts’ cyber expertise to support various initiatives around the world.

What is less brought to the foreground in the work we do is the human factor and the work of individuals driving the progress forward across the globe. 

In this mini-interview series we will meet our Cyber Experts as industry leaders and discover the essential contributions they make in shaping the cyber world and ensuring its seamless operation!

In the April interview we’ll meet Matteo Lucchetti, Director of Cyber 4.0 with over 20 years of experience in the cyber arena. He joined the EU CyberNet Expert Pool exactly 3 years ago.

Please introduce yourself and the work that you do. What are the reasons for your interest in the cyber world?

My name is Matteo Lucchetti and since 2021 I have been the Director of Cyber 4.0, the Italian Competence Center on Cybersecurity, a national public-private partnership promoted and co-funded by the Italian Ministry of Enterprises and Made in Italy. By institutional mandate, the action of the Center aims at strengthening competencies and capabilities of Italian enterprises and Public Administration, with a dedicated focus on the context of SMEs, particularly numerous in Italy and particularly vulnerable to cyber threats. In this capacity, we have been developing an intense program of training and advisory activities, which allowed the Center to also join more and more relevant international networks and initiatives focused on capacity building, including becoming a Stakeholder of the EU CyberNet Project.

As to my background, I have been in the cyber arena for more than 20 years now, starting from the first steps in the Italian Banking Association – right after my PhD, passing through the private sector in Italy, and then moving to European institutions, first at the Fundamental Rights Agency of the European Union and then to the Council of Europe, at the Cybercrime Programme Office in Bucharest, where I had the privilege to lead the Global Action on Cybercrime Extended (GLACY+) Project for 5 years, during which I also witnessed the startup of the EU CyberNet initiative.

What do you think are the current challenges in the field of cyber that you see in your daily work?

Challenges in cybersecurity and cybercrime landscape have been continuously growing over the last decades, not only in terms of scale and quantity of the malicious events that have been reported, but also in terms of their cross-sectoral pervasiveness and their impact. From a technical point of view, the increased use of new technological paradigms, such as – especially – AI and the cloud, has led to the need to rethink the basics of how a country can protect its citizens, institutions and critical infrastructures. However, I would also like to emphasise the importance of safeguarding small-sized organisations, which often serve as suppliers to critical or essential operators, and can therefore represent an easy access to critical data and systems.

Speaking about AI, in particular, its use for malicious purposes poses incredible challenges to cybersecurity operators. Distinguishing synthetic contents from real ones is getting more and more difficult, and the use of deepfakes risks becoming a threat to the democratic life of a country, if we think of the fact that in 2024 more than 40% of the world population will elect their new governments.

On top of technical challenges though, and probably even more concerning, one has to certainly mention the legislative challenges that countries are facing worldwide. The lack of a universally agreed legal standard for international cooperation on both technical and criminal levels makes a number of countries become safe havens for criminal actors, and criminal justice authorities encounter significant problems in handling cross-border access to electronic evidence. The reference treaty in this field is undoubtedly the Budapest Convention, adopted by almost 100 countries worldwide, where it provides more adequate tools to counter cybercrime.

Based on your experience, what practical measures do you recommend for enhancing cybersecurity?

This is not easy to answer in a succinct manner because there is so much to do. To try and be brief, we usually categorise our actions along three lines of interventions: People, Process and Technology.

Let me focus on the one that, in my opinion, is the most important: People. The human factor is in more than 80% of the cases the initial channel through which the attack breaks into the target. We have to upskill, reskill and in many cases create new skills in the cyber domain. The lack of competencies and profiles in this area is critical on the global level, and the role of capacity building initiatives is essential, especially because we not only need technical profiles, but also, and most importantly, new areas of competencies need to be shaped up, ranging from legal advisors to cyber diplomats, from policy makers to implementers, from researchers to educators.

In addition, we have to insist on initiatives that favor the general awareness at large: in a society that has shifted to the online world more than half of the daily life activities, the basics of cybersecurity have become a must know for everyone.

Can you give us an example from your work that you believe makes a difference in advancing cybersecurity?

In Cyber 4.0 we have been developing a whole bunch of initiatives that are aimed at strengthening competencies at national level.

First of all, training initiatives. I would classify them into five categories:

  • Basic training – mostly for enterprises that are not operating in technical fields. The impact here is to increase the overall preparedness to cyber attacks and create the basis to streamline cybersecurity in the organisational processes of the trained entity;
  • Advanced training – mostly technical, aimed at certifying competencies and skills of cybersecurity professionals on international standards, thus contributing to the hardening of processes and procedures in their relevant organisations;
  • Master level training – for cybersecurity managers and policy makers, in order to create new competencies and profiles for large enterprises and Public Administration;
  • Awareness campaigns – dedicated to spreading a cybersecurity culture within an organization and reduce the risk of being exposed to attacks that leverage the human factor as initial entry point;
  • Training for students. Among the many initiatives in this area, let me mention a programme developed with the Regional Administrations and the Italian Ministry of Education and Merit, aimed at higher and lower high schools.

In addition, the Center has been implementing several advisory initiatives, ranging from organisational and technical cyber assessments to the design, co-funding and management of research and innovation projects. But also from the availability of facilities to test cybersecurity technologies to the development of immersive simulations of cyber contexts, including through the use of cyber ranges.

Allow me to mention, last but not least, the engagements we have been having in the field of international capacity building projects, to support national authorities in Africa, the European region, Latin America and the Caribbean on strengthening capacities of cyber operators, criminal justice sector and cyber diplomats.

How do you think EU CyberNet is playing a role in building this community of experts and advancing cyber capacity building efforts around the world?

EU CyberNet is certainly a major player in the cyber capacity building arena.

The community of experts that it has been building is truly unique at global level: no other region in the world can count on such a vast, prepared and competent base of professionals that are willing to share their knowledge and experiences with each other and with their peers, and to engage in concrete actions to support countries worldwide in strengthening their cyber posture.

I myself participated in a number of missions with CyberNet and the impact was evident, not only from the feedback we got on the spot, but above all in the aftermath, with new trainers formed at national level, new proposals raised at policy level and a stronger engagement and role of the country in the international debates on cybercrime and cybersecurity.


