FacebookFacebook icon TwitterTwitter icon LinkedInLinkedIn icon Email
Mastercard keyboard


Securing the payments ecosystem: mitigating the threat from ransomware

Published 17 October 2022 in Innovation • 6 min read

Johan Gerber, who heads the security and innovation portfolio within Mastercard’s Cyber and Intelligence division, defines his mission as protecting the global financial system from criminal attack. He explains to Öykü Isik the challenges facing the payments system and why he remains optimistic.

For most people in business, cybersecurity has become a fact of life in the 21st Century. But for Johan Gerber, it is a defining mission. As Executive Vice President of Security and Cyber Innovation at Mastercard, Gerber’s aim is to make the payments ecosystem safer for everyone, by defining industry standards and increasing collaboration across key industries. 

The relentless march of the digital economy, accelerated by the COVID-19 pandemic, has brought the issue of cybersecurity into sharper focus more than ever before. Processes and services are migrating online at breakneck speed, bringing huge productivity gains but also making sensitive data increasingly vulnerable to attack.  

According to a recent report by consultancy firm Accenture, companies faced an average of  270 cyberattacks last year, a 31% increase over 2020. Left unchecked, the rapidly evolving threat landscape could end up costing global industries as much as $10.5 trillion a year by 2025 – equivalent in value to the combined economies of Germany, France and the UK.   

That’s in large part because, as technology has advanced, so has the sophistication of the tools at the disposal of cybercriminals. In this context, Gerber believes that one of the biggest challenges facing companies today is ransomware, a branch of cybercrime that has exploded with the increasing availability of sophisticated hacking software.  

A report published in April by CipherTrace, a Mastercard company that helps businesses and government make cryptocurrencies safe and trusted, found that $590 million in ransomware payments was made to cybercriminals in the first six months of 2021– 42% higher than for the entirety of 2020.

The report also highlighted the increasing number of attacks on critical infrastructure, such as one that shut down the computer systems of Ireland’s Health Service Executive, delaying critical healthcare services. 

MasterCard banner
“Some of the new regulations coming out in Europe actually facilitate the sharing of intelligence across member states, and that will allow us to become more proactive as well as reactive”

Blurring of lines 

Gerber – who spent 10 years in law enforcement in South Africa before joining Mastercard — says the trends point to a “blurring of lines” between cyber warfare typically conducted by state actors, and crimes motivated by financial gain. All of this means many more parts of our infrastructure – including entire cities – are put at risk. Indeed, a recent report from RiskRecon, also a Mastercard company, found that 41% of US cities do not have information security programs strong enough to protect their data assets, making them vulnerable to data breaches and ransomware.  

AI has proved to be a double-edged sword in the fight against cybercrime. On the one hand, AI has proved a formidable weapon for criminals, who use it to identify and probe even the smallest weakness in companies’ defenses. “AI can automatically help them select the tools they need for the attack, so it actually allows hackers to attack businesses more than ever before,” explained Gerber.  

Yet on the other hand, companies, including Mastercard, have harnessed the power of AI to improve cyber defenses and improve monitoring capacity. In the last three years, Mastercard has prevented $30 billion in potential customer fraud losses from attempted global fraud and cybercrime attacks across its network. “We leverage AI to watch tens of thousands of transactions per second,” said Gerber. “That’s the power of AI, and how we are turning the tables on cybercriminals.”  

The power of blockchain 

Gerber – who has spent his career tackling organized and financial crime – argued that one of the most important tools in increasing the transparency of crypto was the public ledger or blockchain. These ledgers allow for a record to be kept of crypto transactions and are, therefore, helpful in tracing the flow of criminal funds.  

“The fact that everything gets recorded and registered allows us to do way more from a law-enforcement point of view, because it allows us to understand where the money went,” Gerber said. “It becomes very, very powerful in anti-money laundering, tracing the ransomware payments and bringing in law enforcement.” 

Technology is already allowing blockchain to be used in the fight against cybercrime, including through analytics tools which enable Gerber and his team to determine how criminals use and move cryptocurrencies.  

CipherTrace provides a clearer picture of how and when cryptocurrency payments are made – and to whom. “You can actually see the blockchain payments being made from ransomware attacks,” said Gerber. “You can see the payments being split at some point in time, with a portion going to the ransomware technology provider and the rest going to the criminal gang.”  

Ultimately, this analysis and oversight could be a helpful resource for law enforcement. And, Gerber said, there’s a critical role for government too. “Since cryptocurrencies are decentralized by nature … if you want to establish trust and integrity in that ecosystem, you’re going to have to bring in some form of regulation.”  

Firstly, he added, “this could look at the source of the coins, which could help you not just understand the tracking tied to a ransomware attack but also whether the coins being used in a legitimate transaction have had a ‘dirty’ past.” 

A second front for regulation could be to push for changes within companies, elevating the position of the chief information security officer (CISO) to encourage greater collaboration and communication with board members, and to improve cybersecurity practices, knowledge and training.  

The US Securities and Exchange Commission (SEC) hinted at such a regulatory role as recently as March this year when it published proposals requiring companies to disclose policy to manage cyber-risk. Its review also advocated for transparency around management’s role in implementing that policy, and for disclosure of boardroom expertise on cybersecurity and oversight of related risks.

“Since cryptocurrencies are decentralized by nature … if you want to establish trust and integrity in that ecosystem, you’re going to have to bring in some form of regulation”
- Johan Gerber

Working together across borders 

More important, perhaps, regulation should aim to encourage more information-sharing between companies and law enforcement agencies – an area that has suffered as a result of companies’ fears that reporting cyberattacks may hurt reputations, by impacting share prices and eroding customer loyalty.  

“Some of the new regulations coming out in Europe actually facilitate the sharing of intelligence across member states, and that will allow us to become more proactive as well as reactive,” said Gerber. 

So – looking to the future – how can businesses, big or small, better anticipate the emergence of new threats and risks? The answer, argued Gerber, lay in the ability to connect the payments ecosystem and to foster a greater sense of trust. 

“We need to create an environment where companies feel free to share that information without fear of retribution so that we can prevent the next company from being attacked. You need law enforcement, regulators and industry to come together and share information as fast as possible.” 

In the current economic climate, small businesses may lack the funds to be able to afford state-of-the-art cybersecurity packages. There is a need to accelerate “security by design”, said Gerber, where IT systems purchased by companies and individuals were already embedded with security safeguards and best-practice measures. 

Of course, across all sectors, a range of technological advances is required, such as through cloud-based data storage, biometrics, and multiple-factor authentication – to keep people safe. But within the payments world, Mastercard sees it has a key role in evolving the ecosystem to foster a more seamless, secure customer experience 

“The ability to actually bring cybersecurity type solutions into everyday products that consumers use — that’s where I think the big part of the differentiation will be,” said Gerber. “And as things become more digital, it’s about how we make sure that trust comes with the whole process.”


Oyku Isik IMD

Öykü Işık

Professor of Digital Strategy and Cybersecurity at IMD

Öykü Işık is Professor of Digital Strategy and Cybersecurity at IMD, where she leads the Cybersecurity Risk and Strategy program. She is an expert on digital resilience and the ways in which disruptive technologies challenge our society and organizations. Named on the Thinkers50 Radar 2022 list of up-and-coming global thought leaders, she helps businesses to tackle cybersecurity, data privacy, and digital ethics challenges, and enables CEOs and other executives to understand these issues.


Johan Gerber

Johan Gerber

Executive Vice President of Security and Cyber innovation at MasterCardI

In this role, he oversees Mastercard's product strategies for cyber security, dispute resolution, financial crime, crypto asset, and systemic risk.


Learn Brain Circuits

Join us for daily exercises focusing on issues from team building to developing an actionable sustainability plan to personal development. Go on - they only take five minutes.
Read more 

Explore Leadership

What makes a great leader? Do you need charisma? How do you inspire your team? Our experts offer actionable insights through first-person narratives, behind-the-scenes interviews and The Help Desk.
Read more

Join Membership

Log in here to join in the conversation with the I by IMD community. Your subscription grants you access to the quarterly magazine plus daily articles, videos, podcasts and learning exercises.
Sign up

You have 4 of 5 articles left to read.