What it takes to fend off cyber threats (hint: collaboration helps)

As a child growing up in Philadelphia, Ron Green dreamed of becoming a police officer like his father and uncles. But his father insisted he attend college first, and Green graduated from West Point with a mechanical engineering degree. Still eager to serve, he then joined the U.S. Secret Service. That’s where he discovered that, in our increasingly digital world, data could be either a powerful tool or a dangerous weapon.

Since joining Mastercard in 2014, he has worked to protect the company’s vast network of financial institutions, merchants and consumers. As chief security officer and a newly appointed member of Mastercard’s Management Committee, Green sat down to talk about what the future of global digital security will look like, and what cybersecurity experts have in common with … wildebeests?

You had a long career in law enforcement, namely the Secret Service. Tell us about that.

When I joined the Secret Service in the mid-1990s, whenever we searched a place with a warrant, we would always discover a computer. Since I had a degree in mechanical engineering, my colleagues would leave me to investigate what was on those disk drives. When my bosses found out, they recruited me to join 24 other agents to learn computer forensics, and I went on from there.

This was back in the early days of cybersecurity, and the mentality of criminals was different. They were primarily young hackers who would break in to deface an organization’s websites just to make a name for themselves.

The stakes are so much higher now. Today we’re dealing with criminal enterprises that have created a marketplace where different hackers build malware or virtual stores to sell the data they have stolen, and as we’ve seen with the recent wave of ransomware attacks, these threats can have repercussions far beyond data loss. They can impact our infrastructure, interrupt healthcare and disrupt the economy as a whole.

Why should Corporate Security play a role in the overall management of Mastercard?

By adding us to the Management Committee, Mastercard is putting us on a peer level with other leaders who make strategic decisions for the corporation. I'm excited to be able to offer a unique perspective to the discussions. When it comes to security, we need different perspectives working together to defend our company and our customers from potential challenges. The same applies in the boardroom. You have to have people from varied backgrounds sharing different points of view working together solve complex problems, tackle the issues and drive meaningful, sustainable impact. In addition, Corporate Security not only can provide advice from a physical and cybersecurity perspective, but we play an integral role in building new products that are secure by design. This approach means teams are able to deploy products and solutions faster because we’re working with them to ensure security is baked in from the start.

What are your priorities for moving cybersecurity efforts forward at Mastercard?

I want us to continue thinking about the broader ecosystem of cybersecurity and how it impacts the world in which we live. It’s not just about protecting our own company. For instance, smaller businesses are crucial to the economy, and helping them raise their level of security is beneficial to everyone. We need to work to make security simple for the average user, whether they are part of Mastercard or not. We need to make it hard for bad guys be successful.

How has the world’s approach to cybersecurity evolved?

Our adversaries — the bad guys — coordinate with each other. We need to do the same, and that includes sharing with other private sector companies. Only by learning what kinds of threats are out there and exchanging our most effective tactics can we root out these ongoing threats to our infrastructure and personal privacy. I see it like wildebeests: When they run as a herd, they have more protection against the lions.

Are you able to find the people you need to help with this work?

We have been struggling with a shortage of cybersecurity professionals for several years. In 2020, there were over 3 million positions globally that could not be filled. To get more young,  smart people into the field, we’ve teamed up with Microsoft, Workday and the Partnership for Public Service to create the Cybersecurity Talent Initiative (CTI). The program offers top-performing cybersecurity graduates an opportunity to work in one of 11 government agencies, including the CIA and the FBI.

After two years of employment with the government agency, they are invited to work at one of the private sector companies, where they will receive up to $75,000 in student loan forgiveness. In addition to providing college graduates with a dose of real work experience, CTI gives them the chance to build a network of government and private sector contacts.

When threats arise, any given cybersecurity professional could tap contacts throughout the world — friends in government agencies, non-governmental organizations and private corporations — to put their heads together, share strategy and information and come up with speedy solutions. The more varied and widespread our professional network becomes, the better we can protect our nations, our families and ourselves.

Top Photo: Mastercard’s O’Fallon, Missouri-based Fusion Center, where teams from across the company sit to speed response time and coordination efforts.