
Steve Brown
Vice President, Mastercard Cybersecurity
Cybercriminals are taking advantage of the digital economy to exploit weaknesses in IT systems. The threat is real, so organisations must take steps to protect themselves.
The digital economy has revolutionised the way we do business. It’s allowed companies to reduce their costs, become more efficient, expand their market reach and make life more convenient for their customers with innovations such as contactless technology and banking apps.
Cyberattack risks can affect all sectors
Unfortunately, the digital economy has also been a boon for cybercriminals and fraudsters that are always ready to exploit holes in a company’s IT security. The annual cost of cybercrime worldwide is projected to hit $14 trillion by 2028. “If businesses are driven by a ferocious desire to get online and digitise their services, unprotected connections can create vulnerabilities that cybercriminals will use to their advantage,” says Steve Brown, Vice President, Mastercard Cybersecurity. “The increase in Internet of Things (IoT) — which connects all manner of devices and machines online — has only provided them with more attack surfaces and entry points.”
While the digital landscape is constantly changing, one thing remains the same: the effects of cybercrime are devastating. “It can take a business offline so that it suffers financial loss,” explains Brown. “Ransomware attacks can cripple systems and leave companies open to blackmail. If it happens to the healthcare sector, it can disrupt people’s care. In the financial sector, it can lead to the theft of account data that can be used to perpetrate fraud.”
Ransomware attacks can cripple
systems and leave companies
open to blackmail.
Cybersecurity trends and the benefits of collaboration
In Ireland, business systems were the primary focus of attention for cybercriminals, with malware and ransomware attacks being most prevalent, followed by email, phishing and reconnaissance (or data gathering) attacks.
What’s needed, says Brown, is a joined-up approach with private companies and public sector bodies working together to protect businesses from the scourge of cybercrime. “With this in mind, Mastercard launched its European Cyber Resilience Centre in Belgium last year,” he says. “This is a collaborative space where cybersecurity professionals in the public and private sectors can come together, share best practice, share intelligence and be more proactive in this fight. Cybercriminals and fraudsters are working together and learning from each other, so we have to do the same.”
Improving knowledge and strengthening security standards
Traditionally, Mastercard’s business customers were mainly based in the financial sector; but over the years, the company has diversified and now provides products, services and thought leadership to retailers, manufacturers and others. Whatever business you are in, though, and whatever size you are, Brown warns that you shouldn’t ignore the security of your supply chains. That’s because criminals often recognise vendors, suppliers and other partners as weak points that can be exploited to gain access to the wider system.
Also, large entities shouldn’t think their size is a guarantee of strength. “That can prove costly,” says Brown. “To counter this, we take an ‘assess’, ‘protect’ and ‘organise’ approach to cybersecurity with our solutions and services.”
Understand business vulnerabilities and stay ahead
Assess is about using new and emerging technology, such as AI, to help Mastercard business customers gain greater risk visibility, both internally and within their supply chains, to understand where any vulnerabilities may be. Then, services such as unique real-time threat intelligence and multi-layered cloud-based defence technology can be deployed. One of Mastercard’s AI-powered solutions, SafetyNet, has prevented $50 billion in fraud losses over the last three years.
Finally, what Brown calls ‘the collective’ (ie. organisations, businesses, governments and individuals) must organise to continually improve cybersecurity knowledge and strengthen cybersecurity standards. “Apart from our European Cyber Resilience Centre, we work with NGOs such as the Cyber Readiness Institute and Aspen International, plus government policymakers and others, to be a positive voice within the community,” he says.
Ultimately, they understand the security pain points customer face to stay ahead of cybercriminals. “But it is a race,” Brown admits. “Because the advanced persistent threat (APT) groups that work for nation states are operating 24/7, 365 days of the year. It’s why the work we do to protect people and businesses is so relentless.”