Establishing a Risk-Based Approach for Enhanced Cyber CapabilitiesUrooj Burney, Cyber, Risk and Operations Leader at Mastercard, on How to Build a Cyber-Resilient Enterprise
To build defense capabilities, CISOs need to take a contextualized, risk-based approach in setting up and managing an effective and resilient cyber program. They need to have visibility of tools and controls within their enterprise so that they can establish processes and mechanisms to prioritize the risks against key corporate assets. Furthermore, internal reporting of these risks, especially to the executive suite and the board, should be done using business and financial impact metrics, says Urooj Burney, senior principal - cyber, risk and operations, at Mastercard Advisors.
He says CISOs should "take a holistic approach in deploying technologies that enable you to identify and quantify risks and help you prioritize and allocate resources judiciously."
In an interview with Information Security Media Group, Burney also discusses:
- How to orchestrate an entire cybersecurity program for payments security;
- How crypto, blockchain and payment fraud will be the focus in 2022;
- The need to embed people and process components into the technology deployment framework.
Burney is a global executive with over 25 years of industry and management consulting experience in strategy, planning, architecting, implementing and operationalizing complex and transformational solutions across multiple industries. He has extensive experience in aligning business and technology needs, driving organizational change and leading large-scale transformation programs for global organizations, focusing on adding business value and driving performance improvement. Before joining Mastercard, Burney held leadership roles at several Fortune 500 companies, including PwC, RSA, EMC Consulting, HP, EDS and Merrill Lynch.