Posted on Leave a comment

How to instill trust in every transaction – and every interaction

By Ajay Bhalla

“We can only make delivery of your next shipment if you pay your outstanding balance of $102.02; please download the attached invoice.”

“The password for your email account has expired. Click here to change your password.”

“You can receive your tax refund faster — all you have to do is share your bank account information.”Seemingly every day, each one of us is barraged with a never-ending stream of urgent requests and so-called “opportunities” across an ever-expanding network of apps, platforms and IoT devices. These examples are only the most obvious threats, ones we can — hopefully — easily identify and defuse. But in our hyperconnected world, we may not always be aware of where we are vulnerable.

The small businesses we support are under increasing threat, with cybercriminals exploiting the rapid transition to e-commerce during the pandemic. So too are local governments — a forthcoming report by RiskRecon, a Mastercard company, reveals that 41% of American cities do not have information security programs strong enough to protect their data assets, making them vulnerable to data breaches and ransomware attacks that could upend essential city services.

Even larger companies with more cybersecurity resources struggle to properly safeguard their businesses when employees work from home over less secure connections, or find themselves at risk from bugs in ubiquitous pieces of software. They also fail to appreciate the risk posed by third-party vendors — or vendors of those vendors, often many steps removed from their core business.

A decade ago, mobile banking and digital payments had just begun to take off, but the connections within the ecosystem were still clearly defined and well protected through industry standards and protocols, limiting the risk of large-scale fraud and cyberattacks. Today, the digital explosion has created exciting opportunities for people and businesses of all sizes — and many more points of vulnerability for all of us.

It’s not enough to protect each transaction. We must work together to protect trust in every interaction, taking what we all have learned in managing individual risk and bringing those best practices — and developing new ones — to the rest of the cyber realm.
“A more proactive, forward-looking attitude toward cybersecurity will support innovation while infusing trust across the digital economy.”

That means continuing to set the digital standards to fortify trust, and collaborating with government agencies and other private-sector companies to quickly identity emerging threats.

It also means evolving our focus on risk, taking an outside-in approach to assessing and guarding against the vulnerabilities of our vendors, suppliers and partners, as we do our own. These “third-party risk” attacks are projected to account for 60% of cybersecurity incidents this year. We are only as strong as our weakest link, but companies large and small may not have a full understanding of who is participating in their ecosystem and being trusted with access to sensitive data and operating functions — or if they do, is that information current? Could it change tomorrow? Would they be ready if it does?

That’s why we launched the Global Cybersecurity Alliance Program earlier this year, which provides user-friendly APIs to extend cyber-risk monitoring and scoring to our partners’ customers — and why we are excited that Interos, an industry leader in systemic risk management, will be joining the alliance.

This holistic view of risk can save time and resources, reduce potential financial losses and give companies and governments the opportunity to focus on what they do best — serving people.

A more proactive, forward-looking attitude toward cybersecurity will support innovation while infusing trust across the digital economy. A systemic approach to risk makes us all stronger.

Original Post