To recap cybersecurity month, we sat down with Ron Talwalkar, the Director of Cyber Intelligence & Solutions at Mastercard, to get some of his thoughts on the importance of solid cybersecurity and how small businesses should build their cybersecurity plan for a digital workspace.
Cybersecurity is more critical than ever, especially with businesses’ quick pivot to digital due to COVID-19. While we have had about a year and a half to get used to working from home and other aspects of a digitized workspace, cyber-attacks have only become bigger and more sophisticated. And the cybersecurity plans small businesses had in place haven’t necessarily kept up.
“At the start of the pandemic, businesses had to get and keep their businesses going, and the focus on cyber just wasn’t there,” Talwalkar said.
This can be the case for many reasons — Talwalkar noted that one of the biggest myths small business owners and employees might have with cybersecurity is that they are not a target. The fact of the matter is, as we discussed with Chris Klingenspor, the SVP of Business Security & Security Risk at Equifax, that every phone and every device connected to the internet can expose your business if you’re not prepared. Here are some tips for preparing your digital workplace for yourself and your company, so you can reduce your risk.
Training is necessary
“It sounds cliché, but education is the most important part of understanding your risks,” Talwalkar said.
This has only become more true as companies bring all their activities and communication online. From the first reported attack in 1990 to today, phishing is considered one of the most frequent examples of fraud activity on the internet. They can lead to severe losses for their victims, including sensitive information, identity theft, companies, and government secrets. Educating employees on spot phishing or smishing (phishing from social media) can be a game-changer for small businesses.
“Education is the biggest threat to scammers, hackers, and other bad actors,” Talkwalkar said. “But that alone isn’t enough — training is necessary.”
And make sure to keep that training updated, as the digital landscape is constantly changing. Recently, TalentLMS surveyed 1,200 U.S. employees to gauge their awareness and knowledge of cybersecurity risks. The survey results indicated that only 69% of the respondents received training from their employers. With recent world events and cyberattacks involving just about every sector, every organization should require their employees to participate in annual training at the very least. Not providing cybersecurity training for employees increases the risk of breaches associated with human error.
The solution to these issues lies in set processes, not just technology. There are two things you should focus on: establish a set of priorities for your team and focus on an adjusted set of cybersecurity risks. However, make sure you don’t neglect to establish a path to return to normal in a nondisruptive way when the time comes.
Use the available tools
“It’s a kitchen sink of security out there,” Talwalkar said. “Small businesses don’t necessarily have access to the same tools as larger companies, and you need more protection than ever before.”
But that doesn’t mean you don’t have options as a small business owner. You need both breadth and depth in your cybersecurity plan, according to Talwalkar, and you can get this by leveraging the strengths of already-built tools made for small businesses.
“For protecting your critical data, you need to minimally build in two key steps in your cyber security plan,” Talwalkar said. “One is to encrypt your data, and the other is to ensure you have a secure data storage that’s on a regular backup schedule. Most backup tools today provide both encryption of data at rest and in motion.”
Additionally, Talwalkar suggested that ensuring you have standard Anti-Virus protection with an integrated Firewall, a strong VPN, and basic Multi-Factor Authentication for any highly privileged login access is vital. Finally, don’t ignore patching — this is still by far the best protection to ensure vulnerabilities are not exploited. You can also access Mastercard’s Trust Center easily in Markaaz’s Small Business Resources section any time you need.
Verify your suppliers and business partners
“It’s not enough to just focus on your business; you have to look into the companies you do business with,” Talwalkar said.
Platforms like Markaaz are a comprehensive solution to help small businesses discover pre-verified suppliers and vendors, help companies mitigate risk, and reduce their exposure to cyber risks. Markaaz has developed best-in-class technology to streamline the vendor due diligence process. The platform enables your small business to find and verify trusted suppliers on the spot. Our goal is to offer leading-edge solutions that empower small businesses to grow and compete in the global marketplace.
The future of cybersecurity
Talwalkar recently attended Black Hat USA, a cybersecurity conference, and one of the most compelling messages he heard was the first keynote. It focused on the supply chain and associated risks, which are typically tied to geographics and geopolitics.
As far back as 5 years ago, cybersecurity was listed among the top three threats to our nation. Talwalkar is noticing a lot more emphasis on that, and that’s trickling down from the federal initiatives to small businesses.
“A federal initiative I’m excited about, the Joint Cyber Defense Collaborative, was discussed by CISA,” Talwalkar said. “It’s a program to bring together public and private companies to really target attacks on infrastructure. I’m sensing a knock-on effect here, which is great because we want to get in front of these attackers.”
As we continue building our cybersecurity training plans and initiatives, we must keep an eye on the future. The digital landscape is constantly changing, and so are cyber risks. But armed with tips from Talwalkar and our expert series, you can learn how to mitigate your cyber risks.
We appreciate Ron Talwalkar’s time and insights on cybersecurity as part of our expert series. Learn more about Markaaz’s mission to support the growth of small businesses everywhere. Check out how Markaaz can help your business today.
For over 50 years, Mastercard has pioneered technology to make payments simpler, smarter, and safer. They believe in committing time, energy, and passion to support local projects and addressing global challenges. By connecting individuals, businesses, and organizations in more than 210 countries and territories today, they are unlocking opportunities for more people in more places for generations to come. Mastercard works to connect and power an inclusive digital economy that benefits everyone, everywhere, by making transactions safe, simple, smart, and accessible. Using secure data and networks, partnerships, and passion, their innovations and solutions help individuals, financial institutions, governments, and businesses realize their greatest potential. Their decency quotient, or DQ, drives the Mastercard culture and everything they do inside and outside of the company.
Markaaz is the world’s first platform to enable verification, monitoring, and payments while connecting small businesses and the network of partners that support them. Through the Markaaz Directory of pre-verified businesses, an all-in-one Dashboard with integrated tools and resources, and a user experience supported by AI, Markaaz delivers accessible and affordable solutions to empower small businesses like never before. Recognized internationally by the World Economic Forum as a Global Innovator, founded by a team of world-class executives and advisors who have done this before, and in collaboration with strategic partners, Markaaz is driving equitable and inclusive solutions for small businesses around the world.
About Ron Talwalkar
Ron Talwalkar is the Director of Cyber Intelligence & Solutions at Mastercard. With an educational background in both computer science and engineering, he is a leader in the space. Talwalkar’s career consists of 27 years of IT experience and the last 16+ years specifically in Cyber. He heads up product and engineering from SMB to Enterprise at McAfee, Intel Security, Cylance, Eclypsium, ReversingLabs, and Mastercard, focusing on Risk Management, Endpoint, and Network Security, Threat Intelligence, Cloud Security, and Hardware/Firmware security.