ENTREPRISES & STRATÉGIES — Services & Conseils

Jelena Zelenovic Matone (EIB)

“Luxembourg is an ideal target for the cybersecurity dominance”

Jelena Zelenovic Matone, Senior Unit Head & CISO at the European Investment Bank, (Photo: DR)

Jelena Zelenovic Matone, Senior Unit Head & CISO at the European Investment Bank, (Photo: DR)

As part of the “10 × 6 Cybersecurity: 10 shades of risks” organised by the Paperjam + Delano Club on Thursday, November 25, Jelena Zelenovic Matone, Senior Unit Head & CISO at the European Investment Bank, shares his vision and experience of cybersecurity.

How do you define a real hacker?

Jelena Zelenovic Matone. —”Let us look at the big picture here: things are designed for one or another purpose to make our lives easier nowadays. Innovation is great! IoT has grown so much that it attracted hackers in all parts of life to explore new possibilities and play with the “mortals”. There are ethical hackers and then simply those hackers that lack ethical word in front of the title. I would say that the latter is the person who uses their knowledge to harm a person or an organisation either for financial, reputational, or simply for fun purposes in unauthorised or illegal methods. 

However, if we look at ethical hackers, there is a positive side to hacking. These professionals are real problem solvers. They find vulnerabilities and help out the organisations point out the weaknesses that should be fixed before it’s too late. And in fact, we should have more ethical hackers around to help society in general. 

 Luxembourg has a large concentration of financial companies. Is the Grand-Duchy an ideal target for hackers?

“The financial sector can be one of the most targeted sectors due to its reliance on information and its role in the credit intermediation process. Among cyber-attacks, data breaches and fraud are perhaps more popular, yet business disruption is also significant. However, I would say that Luxembourg is an ideal target (or hub) for the cybersecurity dominance of the EU! With so much to offer and the country’s potential, I would see the country as a hub of cybersecurity dominance in this field. There is so much happening here with advancements in cybersecurity. The country is very serious about improving and heightening these walls that I would see this with somewhat positive lenses. 

The mere fact that not all cybercriminals are attacking for financial purposes tells us that Luxembourg is not that much more attractive to cyber than any other financial hub in the world. And those attacking for financial purposes might be attacking, in fact, other organisations for different motives. With covid-19 threats multiplied and diversified, we see a rise in coronavirus dedicated websites, coronavirus safety measures, etc., and these attackers seem to have no limits; they attack hospitals, and other critical organisations for society in general. I would have to say that financial hubs are not so different from other organisations anymore when it comes to hacks.

How do you know when you are being hacked? What are the solutions against a hack?

“A regular person might not know they are hacked and might not notice for a long time that anything is happening or anyone is sniffing on their devices. Even experienced professionals are prone to these attacks. Security is many things, but it is not a one-stop solution or a product. If you want to be safe and completely bulletproof, then unplug yourself from the internet. That’s the only way to be safe. I know none of us will do this as we would not be able to function in the long run, or even short/medium term. The number one solution is awareness of threats around us. 

Read, and then read some more about what is happening around in the world in this domain and what to watch out for. Another big one is the mindset. Let me have a healthy scepticism mindset here and say that we all understand that nothing is free in this life and we yet still click on links when people tell us we will get free money from another country or some distant cousin. Think before you act. If something seems urgent, it probably does not feel right. If the bank calls you and asks personal or account questions, it probably is not right. 

Check and check again to ensure that you are talking to the right person or reading an email from the right sender. Anyone can be that superhero at the end of a day, use the imagination and follow your guts.”