Building trust and mitigating cyberthreats

By Paul Fabara, Chief Risk Officer at VISA

June 15, 2022

Cybercrime rarely unfolds like the plot of a Jason Bourne movie. There are no high-speed car chases, no defused devices with seconds to spare. Most criminal activity and efforts to thwart them resemble the spy craft in Cold War novels–slow, methodical and forensic. What they lack in drama, they more than make up for in financial impact. In the U.S. alone, cybercrime is estimated to result in losses of $7 billion annually,[1] more than twice that of property losses from home invasions.[2]

As the chief risk officer at Visa, I take nothing for granted when it comes to ensuring the movement of digital money is safe, fast and reliable. Put another way, the most effective way to build absolute trust is to start from a position of zero trust.

The catalytic effects of covid-19 on the migration to digital commerce have brought the threat of cyberattacks into sharper focus. E-commerce in the U.S. has grown by 50% since 2019, indicating a meaningful shift in consumers’ shopping habits. In parallel, continued work-from-home policies and accompanied dependence on digital technologies and online services are providing cyberattackers with more opportunities to exploit individuals and businesses. According to the FBI, cybercrime complaints jumped 69% from 2019 to 2020. [3]

The alarming issue of increased cyberthreats has no single solution. It requires a combination of human expertise, cutting-edge artificial intelligence, deep learning and extensive inter- and intra-sector partnerships. But these assets, however sophisticated, are not enough on their own. It is imperative that these assets are always on and always on-going, which is exactly what we do at Visa. Our cybersecurity strategy is built on a multi-layered architecture that is designed to contain cyberattacks before they threaten the integrity of an individual transaction, our network and the payments ecosystem at large.  

Visa’s ultimate goal is to ward off threats as they appear and address vulnerabilities before they happen. As the adage goes, sometimes the best defense is a strong offense. In some cases, as with our Threat Intelligence platform, this work can involve teaming with law enforcement and other partners to track down criminals where they conduct their nefarious activities. Some of the work I am most proud of at Visa is our collaboration with partners in the public sector to target cybercriminals. Working alongside the U.S. Secret Service and Europol, we have helped bring criminals–including the notorious FIN7 crime ring–to justice. [4]

Because of Visa’s scale and reach, we have access to one of the deepest datasets in our industry. For example, Visa’s 1000-plus cybersecurity experts typically review 280,000 compromise indicators daily and analyze it against historical data to identify points of possible compromise. For context, that’s the equivalent of 4.5 trillion pages of printed text.  

In tandem, Visa cybersecurity experts employ sophisticated analytics to surveil for suspicious activity. This crucial work is done on a non-stop basis by teams of dedicated individuals at our three Cyber Fusion locations in Singapore, the U.K. and the U.S.

We are living in an age where attacks on critical infrastructure–hospitals, financial institutions, mobile network operators and government agencies–can happen from anywhere, by anyone, at any time. The fact that most of these institutions use open-source software makes the job of protecting these systems more complex and time consuming.

For the wheels of commerce, government services and healthcare to continue to run smoothly, it is imperative that we invest in multiple layers of proactive and reactive cybersecurity. It will require technology, human ingenuity, hard work and, perhaps most importantly, consistent and ongoing collaboration between the private and public sectors.

Learn more at visa.com.

[1] Source: https://www.aarp.org/money/scams-fraud/info-2022/fbi-internet-crime-report.html

[2] Source: https://ucr.fbi.gov/crime-in-the-u.s/2019/crime-in-the-u.s.-2019/topic-pages/burglary

[3] Source: https://www.ic3.gov/Media/PDF/AnnualReport/2020_IC3Report.pdf

[4] Source: https://www.voanews.com/a/three-ukrainian-members-of-cybercrime-group-fin7-arrested/4509547.html

The content is paid for and supplied by advertiser. The Washington Post newsroom was not involved in the creation of this content.

ncG1vNJzZmivp6x7uK3SoaCnn6Sku7G70q1lnKedZLCzscCtoK%2Bdl6e8tryOr6CsmV%2BXwqq4w6KloGWkp8K0wIyapZ1lnZ7BqrPAraCnn12YxqOx0a2fq52RqcBw