Interview: Gavin Henderson, Vice-President, Regional Security, Mastercard

Mastercard is one of the globe’s leading corporations in the financial services industry. It operates the world’s fastest payment processing network, connecting consumers, financial institutions, retailers, governments and businesses in more than 210 countries and territories.

Mastercard’s key mission statement is: “Every day, everywhere, we use our technology and expertise to make payments safe, simple and smart.”

To underline that mission, the company today announced it is developing its first European Cyber Resilience Center, a state-of-the-art cyber and security center located in Waterloo, Belgium, that will drive collaboration between both public and private sectors, as well as regulatory bodies, to further support enterprise resilience in the region.

Infosecurity spoke to Mastercard’s vice-president of regional security, Gavin Henderson, to learn more about the new cyber-center and discuss the security landscape within the financial services sector.

What is Mastercard’s European Cyber Resilience Center?

The European Cyber Resilience Center is a new facility that Mastercard is developing to synchronize our global resources and partners and help put Europe at the forefront of enterprise resilience.

We believe that best practice ideas and solutions come to life when there is real cross-organizational collaboration, and this is what we want to nurture at our Cyber Resilience Center. We want to encourage better intelligence sharing and bring together the best talent and expertise from public and private organizations, as well as regulatory bodies, to build a stronger security ecosystem.

Our current partnerships network includes various national cyber-intelligence centers, industry groups, law enforcement agencies and central banks across Europe, enabling a significant opportunity to draw intelligence from every corner of the world.

Only a truly inclusive and collaborative approach to security can deliver robust solutions that can help mitigate and respond to critical cyber – but also fraud, geo-political and physical – risks that our network of customers, partners and cardholders all face. The center will gather expertise and insights from a range of different stakeholders, sectors and disciplines to shape best practice solutions, on a global level. From threat and opportunity analysts, to development and response researchers, and communications specialists, the center will serve as a hub to a broad variety of world-class cyber and physical security professionals.

Located at Mastercard’s European headquarters in Waterloo, Belgium, the center is the first of its kind that we’re investing in outside of North America. Drawing on the experience and capabilities of our US Fusion Center, this new facility will bring us even closer to key customers, partners and law enforcement agencies in the region.

Why has Mastercard chosen to open the center, and what does it aim to achieve?

The growing complexity of the threat landscape in the financial sector is undeniable. Fraudsters and hackers are ever more relentless and lurk around every corner. The challenges that businesses and individuals in the financial industry face today continue to emerge at speed, encompassing both digital and physical worlds. This is why we believe that a holistic and truly collaborative approach to security is vital to creating a stronger cyber-ecosystem that everyone can trust.

The opening of the European Cyber Resilience Center mirrors our commitment to seeking new ways to further enhance digital and physical resilience across our network and create solutions for all sections of society.

Having a central European hub will help us drastically shorten the lines of communication amongst internal Mastercard teams and externally with customers, partners and stakeholders. It will improve response times and effectiveness during global events, natural disasters, service and security incidents, ensure compliance with privacy laws globally and thereby unlock boundless opportunities for all.

How important is information security within the financial services industry?

The financial ecosystem has evolved massively over the past decade – shifting expectations around accessibility and connivance. Yet, that convenience has created a whole new digital realm that comes with greater security risks for both digital and physical worlds.

From the everyday life of individuals, to the existence of businesses and even whole sectors, a huge part of the world depends on security. Being part of a technology-led economy and society today ultimately means putting a record of your life or the core of your business in the hands of a machine.

With such a vast pool of customer and business data and credentials that promise a lucrative return, it’s no wonder why the sector is always a priority target for attackers.

What are the greatest security risks and challenges for the financial services sector?

There are more stakeholders, payment channels and people now than ever before, so the need to enhance the security and experience across this increasingly dynamic system is ever bigger.

Every connected entity – from enterprise servers to wearable devices – needs to be secured, no matter how important or insignificant it might seem. Businesses and individuals expect no less than accessibility and convenience and seek transparency over the way their data is used. All of this has created the perfect ecosystem for hackers and fraudsters to operate in, and this is where the challenge lies. It’s about finding ways to innovate and offer the best services and experience, while still ensuring that security by design is built into the development process.

What’s Hot on Infosecurity Magazine?