Fraud Management & Cybercrime , Fraud Risk Management , Governance & Risk Management

Establishing a Risk-Based Approach for Enhanced Cyber Capabilities

Urooj Burney, Cyber, Risk and Operations Leader at Mastercard, on How to Build a Cyber-Resilient Enterprise
Establishing a Risk-Based Approach for Enhanced Cyber Capabilities
Urooj Burney, senior principal-cyber, risk and operations, Mastercard

To build defense capabilities, CISOs need to take a contextualized, risk-based approach in setting up and managing an effective and resilient cyber program. They need to have visibility of tools and controls within their enterprise so that they can establish processes and mechanisms to prioritize the risks against key corporate assets. Furthermore, internal reporting of these risks, especially to the executive suite and the board, should be done using business and financial impact metrics, says Urooj Burney, senior principal - cyber, risk and operations, at Mastercard Advisors.

He says CISOs should "take a holistic approach in deploying technologies that enable you to identify and quantify risks and help you prioritize and allocate resources judiciously."

In an interview with Information Security Media Group, Burney also discusses:

  • How to orchestrate an entire cybersecurity program for payments security;
  • How crypto, blockchain and payment fraud will be the focus in 2022;
  • The need to embed people and process components into the technology deployment framework.

Burney is a global executive with over 25 years of industry and management consulting experience in strategy, planning, architecting, implementing and operationalizing complex and transformational solutions across multiple industries. He has extensive experience in aligning business and technology needs, driving organizational change and leading large-scale transformation programs for global organizations, focusing on adding business value and driving performance improvement. Before joining Mastercard, Burney held leadership roles at several Fortune 500 companies, including PwC, RSA, EMC Consulting, HP, EDS and Merrill Lynch.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.