Pasar al contenido principal Saltar al pie de página del mapa del sitio

El uso de modelos fundacionales e IA para mantener segura a su empresa con el jefe adjunto de seguridad de Mastercard

Deputy Chief Security Officer of Mastercard, Alissa “Dr. Jay” Abdullah s
Deputy Chief Security Officer of Mastercard, Alissa “Dr. Jay” Abdullah s

Resumen

Connect with Dr. Jay
LinkedIn

Learn more about cybersecurity and protecting your business.

Ver transcripción

Dr. Jay Abdullah (00:00):

What my fear is, is that organizations will be so focused on AI, that they will miss the fundamentals.

 

Speaker 2 (00:12):

Welcome to "Paychex THRIVE" a business podcast where you'll hear timely insights to help you navigate marketplace dynamics and propel your business forward. Here's your host, Gene Marks.

 

Gene Marks (00:27):

Hey everybody, it's Gene Marks, and welcome back again to another episode of the "Paychex THRIVE" podcast. Thank you so much for joining us. Whether you're listening to us or watching us online, we're really happy that you are here. My special guest today is Alyssa, "Dr. Jay" Abdullah, who is the Deputy Chief Security Officer, Senior Vice President of Emerging Corporate Security Solutions at MasterCard. Alyssa goes by Dr. Jay. So first of all, Dr. Jay, welcome to the podcast.

 

Dr. Jay Abdullah (00:55):

Thanks, Gene, thanks for having me.

 

Gene Marks (00:57):

Okay, and I have to say, you understand, I'm from Philly, so whenever I hear Dr. Jay, I'm thinking of a completely different Dr. Jay.

 

Dr. Jay Abdullah (01:02):

I know, I know, but it is after him. It's after him for sure. Dr. Jay had so much gravitas and so much swag, as I like to call it, in basketball. And as I was getting my PhD, I thought, how do I brand myself, how do I think about myself and create a name for myself in technology and in cybersecurity? And my middle initial is J. I used to be a radio DJ. My radio DJ name was Jimmy Jay. And so, I said, "Hmm, Dr. Jay," and I'll be just as smooth and as cool as he is when he was dunking the ball as I want to be in creating solutions for organizations, so that's kind of the evolution.

 

Gene Marks (01:44):

I can't believe you're telling me this story, because I have no connection to this whatsoever, other than the fact that I'm a huge Dr. J fan and again, lifelong Philadelphian, and it was part of the big... We were at the finals when the 6ers won back when he was with the team, and so that's very, very cool, and I'm glad that we have that connection. So, okay, Dr. Jay, that's what I'm gonna be calling you is Dr. Jay. Now, so you're involved with security at MasterCard. I know that you're also involved in a lot of programs. We are talking now it's National Cybersecurity Month. First of all, just give us a little bit of background about yourself. Tell us what you do at MasterCard and how you got there, just so our audience can establish who we're talking to.

 

Dr. Jay Abdullah (02:26):

Sure, so I'll start with how I got there, and then I'll go with what I do. Again, radio DJ, ex radio DJ turned cybersecurity executive. I have a PhD actually, that's where the doctor comes from. It's legit, in Information Technology Management. And I've served as the Deputy CIO for President Obama in the White House. I was responsible for White House technology, Camp David, Air Force One tech, and then moved on and said, "Let me look into cybersecurity. "Let me conquer that." And so I was a former Chief Security Officer for Stryker, which is medical technology, and Xerox, which is print, of course, everyone knows print, and what they call it now, work management platforms kind of things. And so then moved over to MasterCard as their Deputy Chief Security Officer, and I'm responsible for implementing solutions that protect the company against future threats. So anything that's in the future, not really cutting, cutting edge, but right there on the edge. So we're doing things like integrating people. Now, AI is the buzzword. We've been using AI for the past 10 years. That's why people don't have problems with our payment technology methods, but things like that. When you think of AI, when you think of cloud and when that was becoming very, very popular, that's what my organization does. It really looks at the future threat and how we protect ourselves from that, and then how do we implement the right things internally to make sure we are on the right path to innovation and making sure we say security at the speed of innovation. We don't want security to impact innovation, and so that's where it all comes from.

 

Gene Marks (04:22):

So first of all, I'm a MasterCard customer. We've had over, I don't know, in the past 20 years, maybe two or three incidents of fraud. Once somebody stole our credit card number, and this is a true story, and delivered flowers to my wife at our house.

 

Dr. Jay Abdullah (04:42):

Really?

 

Gene Marks (04:43):

And my wife knew it was not me getting her flowers, 'cause that's not something I do. And then when we looked at our credit card, she inquired about it, there was all these fraudulent charges, and I think how creepy is that? The person that took it, stole it, actually sent her flowers, like thanking her for the use of the credit card. So, but the reason why I even tell that story, Dr. Jay, is because both personally and professionally, 'cause we have MasterCard as a business card for my company, I don't know, I don't worry about it. I'm like, "That's on you guys." If there's any fraud, I think we have like a $50 liability or something like that, but for the most part, you call up the credit card, and it's you guys who have to take the onus on doing that. But I'm assuming that as a business owner, I should be interested in what you guys are doing, mainly because the more efficient you are at making sure that fraud is reduced or controlled, the more cost beneficial your services are to us. And if they didn't have somebody like you in place, and fraudulent transactions were out of control, I'd be paying for that as the end user in the end. Does that make sense?

 

Dr. Jay Abdullah (05:53):

Yeah, it does, it does. When I think about the story of MasterCard, and I'm not even gonna go into the history of it, I'm just talking about true to the foundation, MasterCard is built on trust, right? It's a business of trust. Now, it's trust in your payments. And we've been doing the right things for years and years and years, or else we would not have been here and established for so long. But we've been doing this for so long that we've said, "You know what, let's talk to business owners now "about different tools that we have, "different things that we use internally "that can help you secure your infrastructures as well." So, you're right, it's a great story, and it's a great way of looking at it, because before we were keeping the secret sauce, and now we're sharing the recipe.

 

Gene Marks (06:41):

So first of all, that's awesome. It's funny, even internally here, I mean, I don't work for Paychex, but I talk to the people at Paychex, who, this is their podcast, but I always push to get executives from Paychex on this podcast, because I think business owners wanna learn from them, like how they do their jobs and because we're trying to run a business here. So, what you have learning from security will only help us as business owners, so let's dig into that a little bit. I'm looking for advice, and my audience is looking for advice, 'cause we wanna make sure that we are minimized. You can't eliminate cybersecurity issues, but we can try and minimize the risk of doing this. The first question I have for you is about AI. You said just a few minutes ago how AI is nothing new for you guys. You guys have been using AI for a while, and you're deploying it where, to see if somebody is buying a dinner in London and at the same time, putting through a charge for jewelry in Los Angeles. Theoretically, your algorithms can hopefully pick up those kinds of trends and do something about that. How do you think, in your opinion, where do you think AI will benefit small businesses in the form of security in the coming years? Where do you think that's going?

 

Dr. Jay Abdullah (07:58):

When you think about modeling or trying to figure out what do I put in my policy, what do I put in this, that is something, and I'm just saying I'm gonna raise it, I'm gonna bring it down a level, 'cause I'm talking specifically about ChatGPT and those type of AI powers allow you to have a starting place, a foundation to start. When you think about and bring it up a level and talk about AI in general, now I'm thinking about, wow, all of these different companies are embedding AI in their tools. So now I have an easier way to monitor. I have an easier way to connect the dots as opposed to getting a team in together, in the war room, getting analysts together and saying, "Okay, what did we see on the network today? "What is going on?" That's still, unfortunately, where some organizations are. Some organizations don't even know where to start. AI gives you that opportunity to say, "This is where I wanna start," or, "This is my output. How do I get there? "How do I get to this? How do I get to these metrics? "What should I be asking? "How should I be programming to get to this end point "that will tell the story that I want it to tell?" That's what AI is going to do for you. I don't think it is a, it is not a replacement job, because AI cannot create. It can only create based on previous things that it already knows.

 

Gene Marks (09:34):

What it's learning.

 

Dr. Jay Abdullah (09:36):

So, right, what it's learning. So what people are here to do, we are here to be creative and allow AI to create based on what we have been able to be creative with, if that makes sense. And so I think small businesses, wow, this is a big win. Small businesses have a hard time sometimes knowing where to start. Now that I know what to start, let me pick a target. Now what do I do? What is next? And it helps with that. It helps with that type of organization or very well could. What my fear is, is that organizations will be so focused on AI that they will miss the fundamentals. And the adversary, that's what the adversary wants us to do, wants us to look at AI and figure out how that's gonna work and what are we gonna do, how are we gonna use it? Let's go and try to implement or solution our own AI into our systems to make our tool great, and then we're gonna lose sight of ransomware, insider threat, spear phishing, good passwords and MFA, you know what I mean? We're gonna lose sight of the basic things, and if you look at where we've been breached around the world, everywhere, everyone in this cybersecurity space, it's just the basic things. AI from an adversarial standpoint, it's just another way to get in. It's an easier way. I don't have to say, I don't have to think or go to the dark web and say, "Craft a spear phishing email." I can just do it right there in some AI thing, say, "Craft a spear phishing email," or, "Make this sound like Gene Marks," and whatever, and it will automatically know that and do that for me.

 

Gene Marks (11:29):

It's funny, like you just said, "Make this sound like Gene Marks." There are now some really advanced deepfake technologies that AI is generating that can fool businesses into thinking they're talking to somebody of authority and make them go through a transactions when they're really just talking to a bot. So, talk to me a little bit about training. Every study that I read, Dr. Jay, about security issues, is that basically it comes down to the fact that I'm a dope, because I don't recognize all the phishing emails. I click on things inadvertently. I download things without thinking about it. And 80% of all security issues, malware incursions, data breaches, it's usually some employee making some mistake. So what are your thoughts on training your employees to make sure, on cybersecurity, so that they are fully prepared and can recognize these kinds of threats?

 

Dr. Jay Abdullah (12:34):

So I am a firm advocate of training, but we've gotta think of it in how do we train our employees today in the way that they will receive it. If we're still doing hour, hour and a half long training once a year, that's not gonna work. We're in a TikTok generation. We're in short clips, viral videos, let me remember this. And so one of the things, I mean, we focus on that. We've thought about that and what is something, what is a catchphrase? What is something that we can say or we can do to help people help it stick? And that's what you're looking for with cybersecurity awareness training, stickiness. And I'll just give you an example just from internal MasterCard, what we've done. We have this great slogan, "I don't know you like that." And you can't just say, "I don't know you like that." You have to say it with sass. So when you get an email, you look at that email and you say, "I don't know you like that!" And every time you get an email, and you have that thought in your head, that should help you say, "Well, wait a minute, "I know the CEO, but I don't know you like that "to ask me to send Bitcoin!"

 

Gene Marks (13:45):

I see what you're saying. I just understood what you were trying to say.

 

Dr. Jay Abdullah (13:48):

So Gene, I know Gene as a podcaster, and we've had a great conversation today, but if you send me a message saying, "Hey, I need help. I am in some other country. "Can you ship me some money on a gift card?"

 

Gene Marks (14:01):

Send me some money, yeah .

 

Dr. Jay Abdullah (14:02):

I'm gonna say, "I don't know you like that."

 

Gene Marks (14:04)

Yeah, I don't know you like that. Yeah, I gotcha, I gotcha.

 

Dr. Jay Abdullah (14:07):

So that's what we're looking for. We're looking for stickiness, that's what we're looking for.

 

Gene Marks (14:12):

Right, yeah, that makes a lot of sense. And you bring up a really good point. I have some clients that do cybersecurity training if they do it at all, by the way. That's a whole other thing with smaller companies. But you're right, they do it like once a year. And I have other clients that use it. There's good software that's out there, relatively inexpensive, that constantly tests your employees throughout the year, sends some fake messages to see if they can-

 

Dr. Jay Abdullah (14:41):

Yes, that's what we do. We do that as well. We gamify it. We have an escape room where teams can come in, and they compete against other teams across MasterCard to see who's got the best time to get out of the room. And those things aren't easy, but the bragging rights that you get from passing something like that, and it energizes, that's what you wanna do, you wanna energize the base. You wanna energize the employees and really make them feel like, wait, this is a part of my everyday job. This is built into our DNA and once a year, sometimes, it's not built into the DNA.

 

Gene Marks (15:14):

It's not enough.

 

Dr. Jay Abdullah (15:14):

It's not. It's what some companies can do, but it's gotta be kind of repetitive and without sounding preachy, you know what I mean?

 

Gene Marks (15:24):

Understood, yeah, you're absolutely right. Okay, I have many questions for you. Let's talk about passwords. I'm curious to know your thoughts on that, and what you're doing at MasterCard. The trend, Microsoft, Amazon, Google, they've all been the news recently saying that they're moving away from passwords and more towards passkeys, where it's device-driven authentication. At the very least, a lot of companies, if I go to my MasterCard account, I'm getting a text message. It's multi-factor authentication. It's not just a password that's being used. Where do you think passwords are going? Do you think my company will be using passwords in the next five years from now? Do you think they'll still be around?

 

Dr. Jay Abdullah (16:09):

I do. I think passwordless is definitely the future, but you're talking about transitioning the entire world from moving away from passwords. We are moving from regular eight to 10 or 12 character passwords with special characters to passphrases, because you realize the longer that it is, the easier it is. So, if I was gonna do a passphrase, it may be, "I love Gene Mark's "Paychex" podcast," and then add a few special characters inside and oh my goodness, that's even stronger. But if you really think about the future, the future is gonna be built on layered MFA. It's not gonna be just, hey, I got a number, and I need to verify that that number test that came in from my authenticator or authentication tool is the same as what I'm seeing on the screen. It's gonna be more than that. It's gonna be a biometric. It's gonna be so many layers, because we know just straight MFA can be spoofed. We know that sim swapping happens, and so you gotta think about all of those things when you think about all those things. And you brought something up earlier that was like spot on, which is deep fakes. You can't even, voice is gonna be, it's so easy to manipulate and falsify with the right synthesizer technology. And so, it's gonna be multi-layered. And so it may be password, pin, MFA and a biometric. It may be all of those things or passphrase, but we moved into passwordless, so you have a passphrase, you know what that passphrase is, and it's so long, it's a sentence. If you can remember a word that's your password, you can remember a sentence, and the sentence is so long that it is strong, then that removes you from needing to change it every 30 days as well.

 

Gene Marks (18:12):

So wait, lemme just make sure I understand this, because I think you're right. It's not gonna become easier. I think it's probably gonna become a little bit harder for the right reasons, because I think what you're saying is that there's gonna be multiple layers. So, it's not just gonna be a password and it's not just gonna be a text message, but it's gonna be maybe another layer beyond that. Is that what you mean?

 

Dr. Jay Abdullah (18:33):

Right, right, because we started out this whole internet thing trusting everybody. Now we're moving into zero trust. I don't trust anybody. I need to verify every single thing, and our networks are moving into that as well. I need to trust every endpoint. I need to trust when someone, when Gene is in email, I need to re-authenticate him when he moves to his payment, his employee pay system, I need to re-authenticate him. We don't wanna do that at the sake of the user experience, but the user's gonna have to do something. That token can't transfer, because now you're in more high priority assets. When you're touching something that's really sensitive, I need you to say, "Okay, I need to re-authenticate." I need you to be okay with that. I need you to be fine with saying, "Let me go back to my authenticator," or Google Authenticator, whatever you're using. So a lot of companies have a proprietary authentication tool-

 

Gene Marks (19:36):

Have keys, USB keys.

 

Dr. Jay Abdullah (19:36):

Some have keys. Some have USB keys, right, a hard token. But you will need to do that. And then, as long as you're there in that for whatever amount of time, you're good to traverse the network and look at your paycheck and all of that, no pun intended, and all of that information. But now once you move to, hey, I need to change the network. I need to change a setting in the network. I need you to authenticate again, because something might have happened, something might have changed, and you may not be who you say you are at that point.

 

Gene Marks (20:11):

See, I really like to hear that, 'cause when I'm reading, I mean, we all know like... I use Google. I have an Android phone. It's a pin to get into it. It's a passkey system, but I always think to myself, man, if I lose my phone, any other person could pick it up and get into it. I had to send my laptop back for repair back to Dell, who did a great job. But I was like, you know what, if this got into the wrong hands, anybody opens up this laptop, I had to give 'em the pin to get access to my whatever. I mean, I don't know who's there, and then once they're in, they they can do... So to have multi-layers of authentication to me seems, it just seems to be the future. And people are trying to make it easier, but you work in financial services, you understand more than anybody that there has to be those layers, because things change all the time.

 

Dr. Jay Abdullah (21:02):

Yeah, we're trying to, it's a funny balance between ease and security, and we want you to know that when you're on the MasterCard network, it is safe, secure, no one's gonna touch your stuff, no one's gonna manipulate your transaction. But then on the flip side of that, we don't wanna be too cumbersome and too heavy and have to teach cybersecurity, because there's a lot of that that we think we should consume that level of-

 

Gene Marks (21:33):

Responsibility or-

 

Dr. Jay Abdullah (21:33):

Responsibility, right.

 

Gene Marks (21:37):

Fair enough, fair enough. Okay, more questions for you. Can I ask, are you talking to me from your home right now? Are you at home?

 

Dr. Jay Abdullah (21:44):

I am.

 

Gene Marks (21:45):

You are, good, here's the reason why I ask you that question. How are you set up? You're working from home, right? We have so many employees that are working, very common thing now, people are working from home. Again, you read the data. Ransomware is up like 400% since COVID, because we're all working from home. We're using our seventh grader's computers, the old routers, we're terrible when it comes to security. So considering your responsibilities and your job and the company that you work for, tell me how you're set up from a security standpoint, and what advice would you have for our audience for doing something similar?

 

Dr. Jay Abdullah (22:24):

So, I hate to blatantly say that I'm a liar, but I am.

 

Gene Marks (22:29):

Oh, no.

 

Dr. Jay Abdullah (22:31):

And what I mean by that is I am at home. I am one of the lucky people who has a husband, partner, who is a technologist as well. And so we have dirty internet. We have inside internet. So we have two separate, in fact, we have multiple, because we have another land that we have all of our smart devices on.

 

Gene Marks (22:57):

Interesting, okay.

 

Dr. Jay Abdullah (22:57):

And when I say I'm a liar, what I mean by that is when you register your smart device, it asks you for your name, your address, your this, your that, and I don't feel like I need to give that, I don't feel like I need to give the accurate information. It may be in the neighborhood, but if a hacker hacks into my smart thermometer, I don't need them to come right to my address and be knocking on the front door and sending me flowers.

 

Gene Marks (23:25):

And not to interrupt you, but you talk about your smart thermometer. I wrote a piece for Forbes like a year ago about a casino in Connecticut that was infiltrated with malware through a fish tank thermometer, Dr. Jay. These things are not secure.

 

Dr. Jay Abdullah (23:44):

Yes, and one of the things that I talked about a lot when I was the CISO of Xerox was you have to upgrade your firmware on your printer. How many of you upgrade your firmware on your printer? People don't. How many of you upgrade your firmware on your smart thermometer, on your smart garage door opener-

 

Gene Marks (24:00):

Or your router.

 

Dr. Jay Abdullah (24:00):

Or your router, exactly. Luckily these companies are becoming more responsible. I'm gonna use the word responsible, because now instead of pushing it, they audit, it's an automatic update. But sometimes you've gotta go in and say, "I want all the automatic updates." If you don't set it like that, it won't happen for you. So you've gotta do things like that. We do have multifactor. I do have a VPN, well, internal, in our private part of the house, private network. We have a VPN as well, my husband set up a VPN, so I do use an internal VPN. But things like that are important. But just basic things. Let's say I'm not a technology person, and I don't wanna figure out how to set up a VPN, nor do I wanna pay for it. How about just change the default password on your home router, on your internet service providers router that they gave you, let's start there.

 

Gene Marks (24:58):

Yeah, I'm pretty sure that anybody outside my house can go to Linksys' website and use the same default password, 'cause I'm pretty sure it's on my router right now. It takes no time to change something like that.

 

Dr. Jay Abdullah (25:11):

Yes, or if you have a cleaning service, guess what, it's right on the back of your router most of the time.

 

Gene Marks (25:18):

It's true, it is true.

 

Dr. Jay Abdullah (25:20):

They have a sticker that has it right back there, so it's just like basic things you can do. You should have, and we started out with a dirty internet, because we've got lots of kids. I've got six kids, and so the trash that they're connecting to, just social media crap-

 

Gene Marks (25:36):

I get it.

 

Dr. Jay Abdullah (25:36):

I just wanna make sure that whatever I'm doing when I'm working, I need my work to be work, I need it to be safe.

 

Gene Marks (25:45):

So let me ask you, you work for a big company, and you also have the added benefit of your husband, he sounds like a bit of a tech geek, which is good, so fine, that got you set up. But it seems as if a typical small business owner doesn't have the time or the inclination to do all of this stuff for their work-from-home employees. And I've always thought that if you're going to have employees working from home, one of the costs that you're gonna have to incur is to have an IT firm set them up and monitor them. What are your thoughts on that?

 

Dr. Jay Abdullah (26:18):

I think the best thing that they can do just starting out, is to make sure that they're working with a corporate VPN. Because even if you are at a... You know, not only do I work from home, but I travel extensively. I may be at a hotel in Barcelona or somewhere in Singapore. at a hotel, not even in an office. and I need to be able to work, I need to be able to function. I can take my device and connect no matter what I'm doing, the first thing I'm gonna do is connect with my corporate VPN and I'm gonna authenticate in the right way, whatever way your company is saying. I think that's number one. That's brass tacks. Then, you can talk about the extra things, creating a dirty internet for other devices. Those are check the box and extra benefits. But I would say VPN is number one. And to be honest with you, I don't do anything off of the VPN.

 

Gene Marks (27:20):

Hmm, right, do you, when you travel, considering what you do, do you... I tend more to use my mobile hotspot service as opposed to even connecting. I have a VPN, but-

 

Dr. Jay Abdullah (27:32):

Absolutely.

 

Gene Marks (27:34):

As trustworthy as that might be, I'm still not comfortable connecting to a hotel or an airport VPN, and I just go off my phone. Do you do the same thing or-

 

Dr. Jay Abdullah (27:43):

I do the same thing. I do the exact same thing. I'm hotspot all day, and I'm waiting for MasterCard to say, "What are you doing?" 'Cause I do everything on the hotspot. And you're right, it's me being antsy. But I am aware that small businesses don't have luxury of enterprise business plans on their mobile devices. And even if you don't, if you connect to a hotel network, I'm okay with that, but immediately connect to your VPN, have that be automated. Now you've got at least a secure tunnel that you're working through, no matter what they're doing.

 

Gene Marks (28:24):

Dr. Jay, tell us a little bit or give your thoughts on the CISA Secure our World program.

 

Dr. Jay Abdullah (28:31):

So CISA, C-I-S-A, CISA, just released their four things you can do to quote, unquote "Secure Our World," and make it harder for malicious actors to access your data or to trick an employee, allowing them access to your system. So, there are four things that you can do that they mentioned. They mentioned phishing diligence, using strong passwords, enabling MFA, and keeping your hardware and software up to date as we've talked about. But what you'll also find there on the CISA website is access the Stay Safe Online stuff as well. And so, it's just a great broad thing or link for folks to go to for small and medium-sized businesses that will help them and help us quote, unquote, "Secure Our World," because it's not just MasterCard's responsibility. We're trying to make sure everyone is engaged and involved in this, and so Secure Our World is a great place to start as well.

 

Gene Marks (29:29):

Good, makes sense. All right, before we wrap up, let's each of us give a thought on anything that we have not discussed already about safety, because there's one thing I didn't ask you about, but I'll just say it, and then I'm gonna ask you if you've got any final parting words.

 

Dr. Jay Abdullah (29:43):

Oh my goodness.

 

Gene Marks (29:44):

We never talked about upgrading the operating systems of our devices. It sounds so like duh and obvious, and yet, I can't tell you how many people I know, particularly people working from home, they're still working on Windows 95. There's just low hanging fruit for anybody to get access to. So my piece of advice to our audience is just please make sure that you and your employees are running the most recent versions of Windows, Apple iOS, Android. It doesn't eliminate your risk, but it certainly minimizes it. Do you, Dr. Jay, have any final words of advice on security that we haven't, you know, we covered a lot, but is there anything that we haven't covered?

 

Dr. Jay Abdullah (30:25):

I do, and this is, love the podcast, and everything that you all are doing and bringing to your audience. But I wanted to also plug, this is a shameless plug-

 

Gene Marks (30:38):

Bring it on.

 

Dr. Jay Abdullah (30:38):

The MasterCard Trust Center, and I'm plugging the MasterCard Trust Center for various reasons. There are educational resources there for small and medium-sized businesses that help them protect their businesses. And, there's a nice podcast that's 30 seconds, called "Mastering Cyber," 60 Seconds, that's called "Mastering Cyber." By the time you finish tying your shoe, you're done. It gives you tips, terms, and topics on cybersecurity, very, very easy stuff, like we're going into the holidays, be careful about holiday scams, and I list a few holiday scams, and it's only 60 seconds. But you can find that at the MasterCard Trust Center that has that and many more resources for small and medium-sized businesses.

 

Gene Marks (31:28):

Alissa, "Dr. Jay" Abdullah is the Deputy Chief Security Officer, Senior Vice President of Emerging Corporate Security Solutions at MasterCard. Dr. Jay, thank you so much. It was a lot of fun. I learned a lot. I know our audience will have learned a lot as well from listening to this, so thanks for all the great work that you're doing.

 

Dr. Jay Abdullah (31:45):

Thank you for having me.

 

Gene Marks (31:47):

 Do you have a topic or a guest that you would like to hear on "THRIVE?" Please let us know. Visit payx.me/thrivetopics and send us your ideas or matters of interest. Also, if your business is looking to simplify your HR, payroll, benefits, or insurance services, see how Paychex can help. Visit the Resource Hub at paychex.com/worx, that's W-O-R-X. Paychex can help manage those complexities while you focus on all the ways you want your business to thrive. I'm your host, Gene Marks, and thanks for joining us. Till next time, take care.

 

Speaker 2 (32:24):

 This podcast is property of Paychex, Incorporated. 2023. All rights reserved.

Temas