University of St. Cyril and Methodius
What was your career in before making the switch to cybersecurity?
Compared to today's cyber-teen generation, I spent my childhood counting fighter jets and tomahawks that were flying across the Balkan sky daily, praying the given coordinates were precise, guiding the tomahawks to the right targets. I took my first steps in the field of security at the Military Academy General Mihailo Apostolski, Skopje, Macedonia, studying aviation. As the first generation that was trained and educated according to NATO standards, luck turned its back on us. Due to the transition of the army and security structures, the entire generation of graduated lieutenants changed course from the military to civilian life. I started studying political science at the Iustinianus Primus Faculty of Law at the University of St. Cyril and Methodius in Skopje, where, in 2011, I successfully defended my doctoral dissertation in the field of politics and security. Earlier, in 2008, I started my career as an independent intelligence officer in the Financial Intelligence Office, a position I'm still active in today. My main duty is to analyze suspicious transactions related to money laundering and terrorism financing, as well as the implementation of international restrictive measures. Within the scope of my duties, I am a member of the National Committee for Countering Violent Extremism and Counter-Terrorism in the Republic of North Macedonia, the working group for Chapter 24 - Justice, Freedom, and Security, which has an obligation to harmonize domestic legislation with European legislation.
Tell us about your journey transitioning from your primary career to cybersecurity.
Knowing and discovering the way in which criminals use cyberspace in order to generate proceeds of crime has imposed the need for its study. Only through such an approach can you understand the psychology of criminals, why and for what purposes they use cyberspace, what methods of attacks they use, and how they choose their targets. Naturally, I started independently by studying legislation, researching the norms and standards, as well as investigating cyber crime cases. I have to admit, the internet has played a major role in this. Afterwards, together with my esteemed friends, associates, and colleagues, we established the Cybersecurity Corporate Security and Crisis Management Initiative (C3I) in Skopje, through which we accomplished several projects concerned with building a cyber resilient society. C3I started cooperating with private institutions, especially financial institutions, through education and printing instruction materials intended for clients in order to inform them about the risks and threats of cyber crime and ways to protect themselves. There is a saying that if you are not able to share your knowledge outside, then you will not be able to share it at home either. I was elected an honorary member of the nonprofit organization Cyber Security Research Center – Global in Istanbul, Turkey, which is a unique research center focusing on the effects of cybersecurity threats on societies. For 4 years, I have been a lecturer at the Academy of Banking and Information Technology, where financial workers are educated and introduced, among other things, to cyber crime and security.
Why did you choose a career in cybersecurity?
Internet technologies become continuously more advanced, and so do the ways in which criminals utilize them for their illicit and illegal activities. Among these technologies, digital currencies are transforming the criminal underworld. They are also a powerful new tool for criminals and terrorist financiers to convert, remit, and conceal illicit funds from law enforcement authorities. There is a clear consensus that digital currencies pose a money laundering and terrorism financing threat. A small number of cases have already shown law enforcement agencies that money laundering and terrorism financing can easily take place inside virtual environments, offering high levels of anonymity and low levels of detection, removing many of the risks associated with real-world money laundering and terrorism financing activities. On the other hand, the introduction and distribution of new products into the banking system is an open field where criminals have found a solution to commit criminal activities and abuse.
The most common risks to a financial institution that offers e-banking services and users of e-banking services are internet fraud, harmful software, Advanced Persistent Threat (APT), payment card fraud, and DDoS attacks on critical financial information infrastructure. These actions represent offenses in which the offender may acquire illegal profit. In order to conceal the source of illegal property (usually in the form of cash), the perpetrator puts the cash into the financial system and pursues a process of money laundering. The role of public and private partnership, which means cooperation between the private sector and law enforcement, is of great importance in the early detection of suspicious persons or transactions that deviate from daily operations. A public-private partnership must set up an ambush. They wait for terrorists and their supporters to make the smallest mistakes in order to reveal their identity and purpose. We always need luck to not get hacked, but hackers need it only once to break into a system.
My first task is to prevent cyber crime by setting up standards and legal framework, and thus building a cyber crime-resistant society. My second task is to detect, identify, and lead investigations related to cyber crime, money laundering, and terrorist financing.
What did you do differently than your peers when choosing cybersecurity as your career?
As I have said, I haven't made a full career switch, but a career update. I have never stopped my schooling and research. The study of an unknown subject (cybersecurity) required dedication, love, and desire to discover new things. By doing this, you acquire new knowledge that will make you more recognizable and competitive in the job market.
Can you please share your views and thoughts for those who want to be part of the cybersecurity industry?
Whether we like it or not, the environment itself imposes the need to keep pace with the development of technology, and therefore cybersecurity. Cybersecurity is a wide area. Certainly, depending on your background, you need to determine which area of cybersecurity you will be researching. To be more successful, focus on the area that will help you upgrade your career.
In your opinion, how is your old career helping or influencing you on your cybersecurity journey?
As I described, trying to understand the psychology of criminals in order to discover why and for what purposes they use cyberspace, and creating cybersecurity based on that, imposes the need for it. I will mention again that there is no old or new career here, but an upgrade of my old career. From a practical point of view, as a financial analyst, you will never find a criminal who, through cyber crime, acquired proceeds while using virtual wallets, currencies, and channels for transferring proceeds of crime.
What would you like to suggest to our readers who want to start a career in cybersecurity, and how can they do so?
The first thing they need to do is explore cybersecurity and focus on the area they feel will be able to help them with their career. Of course, further education should be carried out systematically, from studying norms and standards to exploring practical functionalities and ways of functioning. I am speaking from the aspect of detecting the financial crime that takes place in cyberspace, which, according to all surveys, is common among cyber criminals. Certainly, the main aspect is discovering the weaknesses of the internet and technology products, such as smartphones, tablets, computers, POS terminals, ATM machines, e-banking, and so on. Of course, all of these products and services are used by people. Do these products offer full protection of users' personal information, and how can personal information be stolen and misused (identity theft, phishing, pharming attacks, and so on)?
Do you suggest that someone should be an expert in one vertical of cybersecurity or should they be an expert in every domain of cybersecurity? What is your opinion from an industry perspective?
I already mentioned that cybersecurity is a wide area. It is not possible to be a cyber expert in the financial and the military field at the same time; these are two different areas. Perhaps upgrading the platform is common, but later they will have to redirect to the area they feel is most suitable for them, that is, in which they can build a career as a cyber expert. The development of cybersecurity is so dynamic that it is virtually impossible to explore both areas simultaneously. Or, in a nutshell, tomorrow makes a distant past of the present day in terms of the development of technology and the opportunities that emerge from it.
The cybersecurity landscape is ever-changing and extremely dynamic; how do you keep yourself updated? What are your suggestions for our readers?
The area of cybersecurity is a constantly evolving one, which raises the question of whether infinity is the limit. It requires continual reading and researching, following new trends and practices. This will enable you to observe and detect cyberspace's weaknesses, which can be used by criminals for their purposes. If conditions allow it, it is necessary to participate in seminars, conferences, workshops, and forums in which the main topic is cybersecurity.
In your view, what is more important: having a cybersecurity certification, getting the relevant security training, or gaining hands-on experience through a job?
Could you drive your car without a driver's license? Yes, if someone teaches you how to drive. But would you be able to recognize traffic signs, and would you acquire driving etiquette? No, because you need to pass the tests. It's the same with cybersecurity. Theory without practice is not functional. Practice without theory is not innovative. This means both are necessary to make a whole. I always say to my students that non-formal education today is just as important as formal university education. The formal education will give you the basis, but practice in correlation with non-formal education will direct you in a certain area of cybersecurity.
Can you give us an example of an organization that needs cybersecurity even more than others?
Definitely, yes! I will speak from the aspect of the financial sector as it is the sector most abused by criminals in order to generate proceeds. Virtual currencies have further slowed down the process of detection, monitoring, freezing, and confiscation. Therefore, the focus of cybersecurity within the financial sector is directed toward these aspects. Well-known cases such as Carbanak, Mariposa, and many others, where banks and their clients were directly threatened, only stress the need for enhanced cybersecurity in this sector. An additional problem is the lack of awareness of the risks posed by cyberspace. This is especially true for companies that are export- and import-oriented. Following investigations, they are the most affected at the moment. Their correspondence with foreign partners is often intercepted and modified by criminals, causing financial damage.
Who is Ivica Simonovski?
Doctor of political science at the Faculty of Law, University of St. Cyril and Methodius – Skopje, Republic of North Macedonia, Dr. Simonovski has almost 12 years' experience in the Financial Intelligence Unit as an independent intelligence officer. He is also a lecturer at the Academy of Banking and Information Technology – Skopje, Republic of North Macedonia.
He is the cofounder of Cybersecurity, Corporate Security, and the Crisis Management Initiative – Skopje, Republic of North Macedonia, and is also an honorary member of both the Cybersecurity Research Center and the Cybersecurity Research Center, Istanbul, Turkey.
Dr. Simonovski writes and briefs extensively on these subjects. He is the author and coauthor of papers published in national and international science journals. He is also the coauthor of Countering the Financing of Terrorism in the International Community, published by Peter Lang GmbH, Switzerland.
During his career, he has been a lecturer at the NATO Centre of Excellence – Defence against Terrorism in Ankara, Republic of Turkey, and the George C Marshall European Centre for Security Studies in Garmisch, Partenkirchen, Germany.