Mastercard’s Mike Murnane talks about his own role in security and highlights the biggest challenges and most important skills in the industry.
This week, we’ve heard from several people working within the cybersecurity industry. From Deloitte Ireland’s Arushi Doshi and Accenture’s Chris Davey to Avanade security analyst Ayesha Imtiaz, they all talked about the challenges of staying up to date with the constantly evolving threat landscape.
Mike Murnane, vice-president and programme owner of fraud and security products at Mastercard, is no different, saying that a career in cybersecurity can be both challenging and rewarding.
“There is a need to keep ahead of the constantly evolving technologies and attack methods. We take satisfaction in defeating the fraudsters, but we cannot afford to take our eye off the ball,” he told Siliconrepublic.com.
“Cybercriminals are proving to be exceedingly sophisticated, exploiting organisational silos, remote workers, the supply chain and national borders to undermine the safety and security of critical systems, and the pandemic has only accelerated the growing complexity and severity of cyberattacks.”
Cybersecurity has been getting more and more attention of late, in no small part due to major incidents such as the HSE ransomware attack and the cyberattack on a major US gas pipeline in recent months.
Murnane said attacks have become more common since the boundaries between physical and digital commerce have become more fluid.
“Our world today is built on a web of digital connections and each interaction is a potential opportunity to the cybercriminal,” he said.
“A vulnerability in one place can have a significant impact somewhere else, whether compromised personal identity or payment credentials. The impact can be severely damaging to both an individual and to a company’s reputation.”
Working in cybersecurity
In his own career, Murnane came into security as a developer. He said a computing-based foundation underpins many different disciplines in cybersecurity, so it wasn’t a drastic career change but more of a specific focus.
However, while technical skills are important, he said a more holistic view is key in the role of an infosec professional.
“In addressing cybersecurity, the response from many organisations is to simply throw technology at the problem, but lacking the expertise and insights to prioritise investments, their responses are largely reactive, not proactive,” he said.
“It’s important to take a holistic view of the systems in play and to consider all vulnerabilities and gaps. Sometimes these are technical, but often it can be a lack of education on processes in place for employees to mitigate the risk.”
‘It’s important to be proactive, so we need to keep ourselves up to date on threats’
– MIKE MURNANE
He added that while there is no one skill that will guarantee success in this sector, it’s important to have a broad understanding of the domain. “Cybersecurity is largely a collaborative effort, so interpersonal skills and a desire for the greater good is always a plus.”
Murnane also advised that anyone interested in working in cybersecurity should build a network. “There are many aspects to the role and it’s important to find something that inspires you,” he said.
“Information sharing is key in a constantly involving ecosystem, so building a network of peers is crucial. It’s important to be proactive, so we need to keep ourselves up to date on threats. And don’t forget to occasionally shift your focus away from the criminals to the people who’ve benefitted from the positive impact of your work – it’s a great motivator.”
