How to Approach Cybersecurity Through Innovation and Collaboration

Leadership Profile
Written by Kara Bobowski

Rigo Van den Broeck

EVP, Cyber Security Product Innovation

Mastercard

APRIL 2024

As the Executive Vice President of Cyber Security Product Innovation at Mastercard, Rigo Van den Broeck has a unique role and perspective on the cybersecurity threat landscape. With oversight of cyber data, innovation and security, his responsibilities include product innovation, asset protection, and leading organizational change across Mastercard’s security domain. 

Van den Broeck’s product organisation builds solutions to help customers mitigate cyber risk around the world. This includes designing, growing and scaling capabilities and partnerships that help businesses, governments and financial institutions identify cybersecurity risks, assess vulnerabilities, protect them from attack and organize trust by bringing stakeholders together to influence policy and affect positive change. As Van den Broeck notes: “No one can do cybersecurity on their own; collaboration is essential to build trust.”
 

Roots in the Banking & Financial Industry

Van den Broeck’s background is in the banking industry, where he started out in payment instruments. He continued to work in the financial industry as technology evolved, and he became passionate about preventing fraud in the payment system. 

Van den Broeck says, “It has always been apparent to me that you can prevent a fraudulent payment transaction from happening. However, as I progressed in my career, I realised it would be much more efficient and better for everyone if you can avoid the data from being compromised in the first place. This is where you cross into the cybersecurity space.”

The reason why I moved from fraud into cybersecurity is that I saw in cybersecurity a lot of opportunity for innovation. For me, it was inspiring to see how creative people can be in this space.”


His fraud background gives him a particular vantage point from which to work on innovative products and solutions. “Mastercard said six or seven years ago, ‘we cannot just stay in the fraud space. We need to be in the cybersecurity space,’” Van den Broeck says. “Mastercard is unique in that we can see everything – every payment stream – from the first cybercrime moment, and we can get insight on which cybersecurity threats are leading to a financial consequence or loss.”

He adds, “We see ourselves as a differentiator. We are not only able to see your whole payment stream but can combine insights from different security domains to create a well-rounded set of solutions."
 

Top Challenges for CISOs Today

Van den Broeck sees three major challenges for CISOs operating in today’s world with its abundance of data, technology tools and threat actors.

  1. A segmented and diverse set of cybersecurity solutions.

Van den Broeck notes that CISOs are charged with protecting their organization’s data, but the proliferation of data makes this difficult. “Data is everywhere, all the time, and putting protections or solutions everywhere is not possible or efficient,” he says. “A CISO today has to defend against this rich data that may be located in different places in an organisation – and not only when it's stored, but also when it’s involved in interactions.”

Cybersecurity is a segmented industry – and the CISO’s job is to make sense of it all. He explains: “The challenge is that every CISO has to build cyber resilience within their organisation, while dealing with daily pressures and challenges. CISOs need support to see the bigger picture to help in piecing these elements together.”
 

  1. A diverse set of threat actors.

The second big security challenge, according to Van den Broeck, is that CISOs are fighting criminals with “different intentions and different means at their disposal.” He points out that security leaders have to defend against everyone from “a small hacker that works on their own in a garage” to “very sophisticated actors who have time and money to spend.”

The challenge is that CISOs do not know in advance where the attack is coming from – “an enemy can be anyone and that's difficult,” Van den Broeck says. There is uncertainty about what attack might hit you and when, which makes it harder to prepare or predict for a future cyber attack.

  1. Securing the organisation’s ecosystem.

A third current challenge for CISOs is trying to protect the whole ecosystem in which their company operates, including their supply chain and third parties. Van den Broeck notes, “You have so much to defend. It's not just your own company, but also the ecosystem.” 

He explains that while you can have an agreement with third parties, you can’t manage “a supplier of your supplier.” He goes on to say, “You control your first-line suppliers because you have an agreement with them. You have a contract, and you can audit them. The challenge is that with a second or third party’s supply chain or endpoint, you don't have a contractor relationship with them – so how do you control that?”
 

Opportunities to Collaborate on Cyber Risk

Despite the challenges for security leaders, Van den Broeck is optimistic about the creativity and innovation he sees in the cybersecurity space. “Cybersecurity is still one of the domains where innovation is alive and kicking,” he says. “Every month, every week, there is a new company that starts up where new ideas are explored, where new things are built out, or where we find new ways to solve the same problem.”

Van den Broeck adds that “most of the innovation comes from a cross section of knowledge out of different areas of the business… and then, if you combine this knowledge, you can find new solutions or new ways to look at a problem.”

Van den Broeck is leading a boardroom discussion at the upcoming Nordic CIO & CISO Executive Summit on “Threat Intelligence and Third-Party Risk – Doubling Down on Critical Vulnerabilities.” In this interactive conversation, he hopes to underline that cybersecurity leaders can overstep the individual barriers they may face to look at what executives can do as a collective group.

He explains, “If every company tries to solve cyber problems on their own, the leverage they have is small. But if everyone works together, there's much more leverage we can have… and through this build a safer environment for everyone.” 

To participate in this discussion and more at the upcoming Nordic Executive Summit, apply to join the community. Or, if you are already a member, sign in to MyEvanta to register for your community’s upcoming Executive Summit.
 

Special thanks to Rigo Van den Broeck, Mastercard, and RiskRecon.

by CISOs, for CISOs
 

Join the conversation with peers in your local CISO community.

LEARN MORE

Suggested content

SESSION PREVIEW | MAY 14, 2024
SESSION PREVIEW | MAY 14, 2024

AI/ML and Zero Trust — Driving Business Success

As cyber threats become more sophisticated and pervasive, enterprises need to adopt an agile approach to network and security that promotes innovation and mitigates risk. At the upcoming San Francisco CISO Executive Summit, CEO, Chairman and Founder Jay Chaudhry of Zscaler, Inc., will discuss how AI/ML and zero trust are key enablers of this transformation – here’s a preview.
BLOG | MAY 8, 2024
BLOG | MAY 8, 2024

7 Sessions to Check Out at Upcoming CISO Summits

Evanta is about to launch a series of regional Executive Summits for our CISO communities, where security executives will gather across 22 cities to network, share and learn from each other. Here is a preview of 7 sessions to check out at upcoming CISO Executive Summits.
SESSION PREVIEW | MAY 5, 2024
SESSION PREVIEW | MAY 5, 2024

From Z to A - Extending Zero Trust to APIs

As more organizations adopt a Zero Trust architecture, some overlook the increased prevalence of API-based access to sensitive application functionality and data. At the upcoming New York CISO Executive Summit, Steve Winterfeld, Advisory CISO at Akamai, will discuss API strategies to ensure security from the network layer to the application layer – here’s a preview.
VIEW MORE CISO CONTENT