The Security Detail Download: Cyber Threats to the Finance Sector

The Security Detail is a podcast series facilitated and hosted by SURGe, Splunk’s strategic security research team. 

Every other week, co-hosts Audra Streetman and Kirsty Paine interview security experts about the cyber threat landscape across various industries.

Episode 7 features an interview with Paul Trueman, executive VP of segments in cyber and intelligence at Mastercard, the second-largest payment-processing corporation in the world. In his role, Paul leads teams responsible for the enhancement of solutions and insights for partners, consumers and governments globally, helping to advance security and trust in the evolving digital ecosystem.

Paul’s interview highlights the extensive  digitization of financial services, and how this both helps and hinders security. 

Read the top takeaways from the interview, or download the full episode.

1. Resilience is non-negotiable

Trueman emphasized the critical role that digital resilience plays in the financial sector. Given the high stakes nature of the data and transactions involved, as well as the evolving threat landscape, resilience is vital to ensuring uninterrupted operations and securing financial systems.

Cybersecurity awareness, regular risk assessments and adapting to changing threats are key components of building and maintaining a robust resilience strategy.

“Resilience is at the center of everything you do,” Trueman explained. “If you're handling 125 billion transactions and you're expecting a kind of five-nines uptime, you just can't be down. So resilience is center. If the type of threats we're getting are changing, resilience needs to change.”

2. Transaction technology is constantly evolving 

Trueman discussed the massive shifts in transaction technology and enabling new forms of choice. From contactless payment to cryptocurrencies, all transaction methods and systems have got to work. At the end of the day, Mastercard needs to make sure that people get paid for the goods that they sell.

"From payment through your card to use of PIN to contactless to using your phone, digital wallets and then cryptocurrencies, it's all about enabling consumers with choice. No one's going to fight against choice because choice is good. But what you want to know is that wherever you've got a choice, that your options are safe."

3. “Think before you click”

When asked what he would recommend or mandate if he were a CISO in the financial sector, Trueman simply stated: “Think before you click.” Phishing is a top attack vector, so taking the time to pause before clicking on a suspicious link can make all the difference. 

"Technology is enabling attackers to extend those scams beyond borders. So you're seeing a lot more attacks coming through in different ways,” Trueman said. “A few years ago, it almost seemed like happy times when you said, well, you'll be able to recognise a scammer because there's always a misspelling.”

Listen to the full interview to hear Trueman’s thoughts on MasterCard’s role in the global financial landscape, the rise of digital assets and cryptocurrencies and the need for continuous cybersecurity awareness. To learn more about The Security Detail podcast, visit thesecuritydetail.podbean.com.