To recap cybersecurity month, we sat down with Ron Talwalkar, the Director of Cyber Intelligence & Solutions at Mastercard, to get some of his thoughts on the importance of solid cybersecurity and how small businesses should build their cybersecurity plan for a digital workspace.
Cybersecurity is more critical than ever, especially with businesses’ quick pivot to digital due to COVID-19. While we have had about a year and a half to get used to working from home and other aspects of a digitized workspace, cyber-attacks have only become bigger and more sophisticated. And the cybersecurity plans small businesses had in place haven’t necessarily kept up.
“At the start of the pandemic, businesses had to get and keep their businesses going, and the focus on cyber just wasn’t there,” Talwalkar said.
This can be the case for many reasons — Talwalkar noted that one of the biggest myths small business owners and employees might have with cybersecurity is that they are not a target. The fact of the matter is, as we discussed with Chris Klingenspor, the SVP of Business Security & Security Risk at Equifax, that every phone, every device connected to the internet can expose your business if you’re not prepared. Here are some tips for preparing your digital workplace for yourself and your company, so you can reduce your risk.
Training is Necessary
“It sounds cliché, but education is the most important part to understanding your risks,” Talwalkar said.
This has only become more true as companies bring all their activities and communication online. From the first reported attack in 1990 to today, phishing is considered one of the most frequent examples of fraud activity on the internet. They can lead to severe losses for their victims, including sensitive information, identity theft, companies, and government secrets. Educating employees on spot phishing or smishing (phishing from social media) can be a game-changer for small businesses.
“Education is the biggest threat to scammers, hackers, and other bad actors,” Talkwalkar said. “But that alone isn’t enough — training is necessary.”
And make sure to keep that training updated, as the digital landscape is constantly changing. Recently, TalentLMS surveyed 1,200 U.S. employees to gauge their awareness and knowledge of cybersecurity risks. The survey results indicated that only 69% of the respondents received training from their employers. With recent world events and cyberattacks involving just about every sector, every organization should require their employees to participate in annual training at the very least. Not providing cybersecurity training for employees increases the risk of breaches associated with human error.
The solution to these issues lies in set processes, not just technology. There are two things you should focus on: establish a set of priorities for your team and focus on an adjusted set of cybersecurity risks. However, make sure you don’t neglect to establish a path to return to normal in a nondisruptive way when the time comes.
Use the Available Tools
“It’s a kitchen sink of security out there,” Talwalkar said. “Small businesses don’t necessarily have access to the same tools as larger companies, and you need more protection than ever before.”
But that doesn’t mean you don’t have options as a small business owner. You need both breadth and depth in your cybersecurity plan, according to Talwalkar, and you can get this by leveraging the strengths of already-built tools made for small businesses.
“For protecting your critical data, you need to minimally build in two key steps in your cyber security plan,” Talwalkar said. “One is to encrypt your data and the other is to ensure you have a secure data storage that’s on a regular backup schedule. Most backup tools today provide both encryption of data at rest and in motion.”
Additionally, Talwalkar suggested that ensuring you have standard Anti-Virus protection with an integrated Firewall, a strong VPN, and basic Multi-Factor Authentication for any highly privileged login access is vital. Finally, don’t ignore patching — this is still by far the best protection to ensure vulnerabilities are not exploited. You can also access Mastercard’s Trust Center easily in Markaaz’s Small Business Resources section any time you need.
Verify Your Suppliers and Business Partners
“It’s not enough to just focus on your business, you have to look into the companies you do business with,” Talwalkar said.
Platforms like Markaaz, a comprehensive solution to help small businesses discover pre-verified suppliers and vendors, help companies mitigate risk and reduce their exposure to cyber risks. Markaaz has developed best-in-class technology to streamline the vendor due diligence process. The platform enables your small business to find and verify trusted suppliers on the spot. Our goal is to offer leading-edge solutions that empower small businesses to grow and compete in the global marketplace.
The Future of Cybersecurity
Talwalkar recently attended Black Hat USA, a cybersecurity conference, and one of the most compelling messages he heard was the first keynote. It focused on the supply chain and associated risks, which are typically tied to geographics and geopolitics.
As far back as 5 years ago, cybersecurity was listed among the top three threats to our nation. Talwalkar is noticing a lot more emphasis on that, and that’s trickling down from the federal initiatives to small businesses.
“A federal initiative I’m excited about, the Joint Cyber Defense Collaborative, was discussed by CISA,” Talwalkar said. “It’s a program to bring together public and private companies to really target attacks on infrastructure. I’m sensing a knock-on effect here, which is great because we want to get in front of these attackers.”
As we continue to build out our cybersecurity training plans and initiatives, it’s essential to keep an eye on the future. The digital landscape is constantly changing, and so are cyber risks. But armed with tips from Talwalkar and our expert series, you can learn how to mitigate your cyber risks.
We appreciate Ron Talwalkar’s time and insights on cybersecurity, as part of our expert series. Learn more about Markaaz’s mission to support the growth of small businesses everywhere. Check out how Markaaz can help your business today.
For more than 50 years, Mastercard has pioneered technology to make payments simpler, smarter and safer. They believe in committing time, energy and passion to supporting local projects and addressing global challenges. By connecting individuals, businesses and organizations in more than 210 countries and territories today, they are unlocking opportunity for more people in more places for generations to come. Mastercard works to connect and power an inclusive digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, their innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Their decency quotient, or DQ, drives the Mastercard culture and everything they do inside and outside of the company.
Markaaz is the world’s first platform to enable verification, monitoring and payments while connecting small businesses and the network of partners that support them. Through the Markaaz Directory of pre-verified businesses, an all-in-one Dashboard with integrated tools and resources, and a user experience supported by AI, Markaaz delivers accessible and affordable solutions to empower small businesses like never before. Recognized internationally by the World Economic Forum as a Global Innovator, founded by a team of world-class executives and advisors who have done this before, and in collaboration with strategic partners, Markaaz is driving equitable and inclusive solutions for small businesses around the world.
About Ron Talwalkar
Ron Talwalkar is the Director of Cyber Intelligence & Solutions at Mastercard. With an educational background in both computer science and engineering, he is a leader in the space. Talwalkar’s career consists of 27 years of IT experience, and the last 16+ years specifically in Cyber. He heads up product and engineering from SMB to Enterprise at McAfee, Intel Security, Cylance, Eclypsium, ReversingLabs and Mastercard, with a focus on Risk Management, Endpoint and Network Security, Threat Intelligence, Cloud Security and Hardware/Firmware security.
About the Author
Casey Pontrelli, Content Manager
Casey Pontrelli is a multi-talented professional with a background in content creation, branding, and social media marketing. Whether writing for a newspaper, eCommerce website, B2B startup, or a marketing agency, she has taken her strong background in journalism and turned her focus to SEO and content marketing. She’s written about everything from boutiques to cars to online lending, but she’s especially passionate about supporting small businesses and giving them equal access to opportunity, which is why she’s a proud member of the Markaaz family. When she’s not writing up a storm or creating eye-catching social media graphics, Casey enjoys hanging out with her two cats, Eddy and Larry, going on long bike rides, and, predictably, reading.
Follow Casey on LinkedIn here.