It is, by this point in human history, an undoubtedly digital world.
And in the contemporary age, where commerce increasingly happens online and payment systems have become more intertwined with complex technologies, the importance of cybersecurity — and beyond just that, widening the aperture on threat intelligence — has never been more critical.
The news Thursday (Sept. 12) that Mastercard has made a $2.65 billion bet on cybersecurity by acquiring threat intelligence company Recorded Future only serves to put an exclamation point on this emerging fact.
After all, digital payments, ranging from traditional card transactions to emerging instant payment mechanisms, are a vital component of modern economies. However, as the volume of these payments increases, so does the sophistication and frequency of cyber threats targeting this ecosystem.
“If you think about our hyperconnected and interdependent digital world … almost every day that goes by sees the expansion of the digital footprint,” Johan Gerber, executive vice president of security solutions at Mastercard, told PYMNTS in an exclusive interview about the acquisition, which is expected to be finalized by the first quarter of 2025.
Along the way, Gerber added, the lines between cybercrime and fraud are collapsing, as stolen credentials are harvested when a website is breached. The stolen credentials are used for scams and social engineering, and card and other types of fraud are rampant.
Against this backdrop, understanding the risks and developing robust strategies to protect digital payment systems is paramount for businesses, financial institutions, and consumers alike.
Read more: Aligning Payments and Data Operations With Compliance and Cyber Risks
The digital payments landscape has evolved rapidly over the past decade. FinTech innovations, mobile payment apps, contactless technologies and more have transformed the way consumers and businesses transact.
With 85% of Generation Z and 82% of millennials preferring contactless digital payments, the demand for these technologies is reshaping the payments industry. According to the PYMNTS Intelligence report, “Tapping Into the Future of Payments,” 91% of Gen Z consumers are adopting digital-first payments, outpacing other age groups.
The benefits of this evolution are clear — convenience, speed and cost-effectiveness. However, as payment methods diversify, they introduce new vulnerabilities. Unlike traditional payment systems that operate within well-defined regulatory and security frameworks, emerging technologies like, real-time payments, embedded finance solutions and more often lack the same maturity in terms of security infrastructure. This creates a fertile environment for cybercriminals, who continuously adapt to exploit these emerging weaknesses.
But while the threat landscape is evolving, so too are the tools and strategies designed to combat cyber risks. Threat intelligence, which involves collecting and analyzing data about potential cyber threats, plays a crucial role in preventing, identifying and mitigating attacks. By leveraging threat intelligence, businesses and financial institutions can stay ahead of cybercriminals by anticipating their tactics, techniques and procedures (TTPs).
For example, threat intelligence’s ability to provide real-time insights into emerging threats can identify vulnerabilities like new phishing campaigns targeting payment providers, or detect unusual patterns in transaction data that may indicate fraud. These insights can then be used to update security protocols, strengthen authentication measures or block suspicious activity before it results in significant financial loss.
See also: Guarding the Gate: Cyberattacks Won’t Stop, but Their Fallout Can Be Prevented
Per Recorded Future’s site, threat intelligence can be broadly categorized into four main types: tactical threat intelligence, operational threat Intelligence, strategic threat Intelligence and technical threat Intelligence.
Tactical threat Intelligence focuses on the immediate TTPs used by cybercriminals in attacks. It includes details such as malware signatures, phishing methods or known vulnerabilities. This type of intelligence is short-term and helps cybersecurity teams quickly detect and respond to threats.
Operational threat Intelligence provides insights into specific cyberattacks, including details on the nature, timing and motivation behind the threats. This intelligence is often gathered from past incidents and helps organizations understand the context and potential impact of current or future attacks, enabling better incident response planning.
Strategic threat Intelligence offers a broader, long-term view of the threat landscape, focusing on trends, emerging risks and geopolitical or market factors that could influence cyber threats. This type of intelligence is used by high-level decision-makers to inform security strategy, policy and resource allocation.
And finally, technical threat intelligence involves the collection of technical indicators of compromise (IoCs), such as IP addresses, domains, and file hashes associated with malicious activity. This intelligence is highly technical and used by security professionals to configure defense systems, block malicious traffic or prevent specific attacks.