Matteo Lucchetti: “The human factor is in more than 80% of the cases the initial channel through which the attack breaks into the target”

Mini-interviews with EU CyberNet experts. Matteo Lucchetti has been part of the Expert Pool for 3 years and has contributed to the work of EU CyberNet.

EU CyberNet is an EU-funded cyber capacity building project aimed at establishing a pan-European expert network to help solve cybersecurity challenges around the world. Cybersecurity experts are the core of EU CyberNet and instrumental to the objective of building and promoting the model of an open, free, secure and stable cyberspace. The growing EU Cyber Experts Pool consists of almost 400 experts so far, on topics such as cybersecurity, cybercrime, cyber diplomacy, cyber defense, AI, etc., and connects to a wider pan-European Stakeholder Community to assess partner countries’ needs, organise trainings and offer our experts’ cyber expertise to support various initiatives around the world.

What is less brought to the foreground in the work we do is the human factor and the work of individuals driving the progress forward across the globe. 

In this mini-interview series we will meet our Cyber Experts as industry leaders and discover the essential contributions they make in shaping the cyber world and ensuring its seamless operation!

In the April interview we’ll meet Matteo Lucchetti, Director of Cyber 4.0 with over 20 years of experience in the cyber arena. He joined the EU CyberNet Expert Pool exactly 3 years ago.

Please introduce yourself and the work that you do. What are the reasons for your interest in the cyber world?

My name is Matteo Lucchetti and since 2021 I am the Director of Cyber 4.0, the Italian Competence Center on Cybersecurity, a national public-private partnership promoted and co-funded by the Italian Ministry of Enterprises and Made in Italy. By institutional mandate, the action of the Center aims at strengthening competencies and capabilities of Italian enterprises and Public Administration, with a dedicated focus to the context of SMEs, particularly numerous in Italy and particularly vulnerable to cyber threats. In this capacity, we have been developing an intense program of training and advisory activities, which allowed the Center to also join more and more relevant international networks and initiatives focused on capacity building, including becoming a Stakeholder of the EU CyberNet Project.

As to my background, I have been in the cyber arena for more than 20 years now, starting from the first steps in the Italian Banking Association – right after my PhD, passing through private sector in Italy, and then moving to European institutions, first at the Fundamental Rights Agency of the European Union and then to Council of Europe, at the Cybercrime Programme Office in Bucharest, where I had the privilege to lead the Global Action on Cybercrime Extended (GLACY+) Project for 5 years, during which I also witnessed the startup of the EU CyberNet initiative.

What do you think are the current challenges in the field of cyber that you see in your daily work?

Challenges in cybersecurity and cybercrime landscape have been continuously growing over the last decades, not only in terms of scale and quantity of the malicious events that have been reported, but also in terms of their cross-sectoral pervasiveness and their impact. From a technical point of view, the increased use of new technological paradigms, such as – especially – AI and the cloud, has led to the need to rethink the basics of how a country can protect its citizens, institutions and critical infrastructures. However, I would also like to emphasise the importance of safeguarding small-sized organisations, which often serve as suppliers to critical or essential operators, and can therefore represent an easy access to critical data and systems.

Speaking about AI, in particular, its use for malicious purposes poses incredible challenges to cybersecurity operators. Distinguishing synthetic contents from real ones is getting more and more difficult, and the use of deepfakes risks becoming a threat to the democratic life of a country, if we think of the fact that in 2024 more than 40% of the world population will elect their new governments.

On top of technical challenges though, and probably even more concerning, one has to certainly mention the legislative challenges that countries are facing worldwide. The lack of a universally agreed legal standard for international cooperation on both technical and criminal levels makes a number of countries become safe havens for criminal actors, and criminal justice authorities encounter significant problems in handling cross-border access to electronic evidence. The reference treaty in this field is undoubtedly the Budapest Convention, adopted by almost 100 countries worldwide, where it provides more adequate tools to counter cybercrime.

Based on your experience, what practical measures do you recommend to enhance cybersecurity?

This is not easy to answer in a succinct manner because there is so much to do. To try and be brief, we usually categorise our actions along three lines of interventions: People, Process and Technology.

Let me focus on the one that, in my opinion, is the most important: People. The human factor is in more than 80% of the cases the initial channel through which the attack breaks into the target. We have to upskill, reskill and in many cases create new skills in the cyber domain. The lack of competencies and profiles in this area is critical on the global level, and the role of capacity building initiatives is essential, especially because we not only need technical profiles, but also, and most importantly, new areas of competencies need to be shaped up, ranging from legal advisors to cyber diplomats, from policy makers to implementers, from researchers to educators.

In addition, we have to insist on initiatives that favor the general awareness at large: in a society that has shifted to the online world more than half of the daily life activities, the basics of cybersecurity have become a must know for everyone.

Can you give us an example from your work that you believe makes a difference in advancing cybersecurity?

In Cyber 4.0 we have been developing a whole bunch of initiatives that are aimed at strengthening competencies at national level.

First of all, training initiatives. I would classify them into five categories:

  • Basic training – mostly for enterprises that are not operating in technical fields. The impact here is to increase the overall preparedness to cyber attacks and create the basis to streamline cybersecurity in the organisational processes of the trained entity;
  • Advanced training – mostly technical, aimed at certifying competencies and skills of cybersecurity professionals on international standards, thus contributing to the hardening of processes and procedures in their relevant organisations;
  • Master level training – for cybersecurity managers and policy makers, in order to create new competencies and profiles for large enterprises and Public Administration;
  • Awareness campaigns – dedicated to spread a cybersecurity culture within an organization and reduce the risk of being exposed to attacks that leverage the human factor as initial entry point;
  • Training for students. Among the many initiatives in this area, let me mention a programme developed with the Regional Administrations and the Italian Ministry of Education and Merit, aimed at higher and lower high schools.

In addition, the Center has been implementing several advisory initiatives, ranging from organisational and technical cyber assessments to the design, co-funding and management of research and innovation projects. But also from the availability of facilities to test cybersecurity technologies to the development of immersive simulations of cyber contexts, including through the use of cyber ranges.

Allow me to mention, last but not least, the engagements we have been having in the field of international capacity building projects, to support national authorities in Africa, the European region, Latin America and the Caribbean on strengthening capacities of cyber operators, criminal justice sector and cyber diplomats.

How do you think EU CyberNet is playing a role in building this community of experts and advancing cyber capacity building efforts around the world?

EU CyberNet is certainly a major player in the cyber capacity building arena.

The community of experts that it has been building is truly unique at global level: no other region in the world can count on such a vast, prepared and competent base of professionals that are willing to share their knowledge and experiences with each other and with their peers, and to engage in concrete actions to support countries worldwide in strengthening their cyber posture.

I myself participated in a number of missions with CyberNet and the impact was evident, not only from the feedback we got on the spot, but above all in the aftermath, with new trainers formed at national level, new proposals raised at policy level and a stronger engagement and role of the country in the international debates on cybercrime and cybersecurity.
