In the DACH region and beyond, cyber threats are growing more systemic, fast-moving, and intertwined with global supply chains, putting security leaders under mounting pressure to protect broader attack surfaces while ensuring business agility.
For Ria Shetty, Director of Cyber Security & Resilience for Europe at Mastercard, these challenges demand a new level of collaboration, transparency, and readiness. Ahead of her session at Cloud & Cyber Security Expo Frankfurt, Shetty shares why Tech Show Frankfurt is the ideal platform to foster these critical conversations—and offers a preview of the insights she’ll be bringing to the stage, from managing third-party risks to harnessing AI responsibly in the enterprise security stack.
– – – – – –
What made you choose Tech Show Frankfurt as the place to share your cybersecurity expertise?
Tech Show Frankfurt brings together the right mix of security professionals, tech leaders, and innovators tackling today’s most pressing digital challenges. It’s an ideal setting to have honest, practical conversations about what’s actually working when it comes to cybersecurity—especially as the risks grow more complex and interconnected. Sharing what we’ve learned at Mastercard, and hearing how others are tackling similar issues, is exactly the kind of dialogue we need more of.
What are the most urgent challenges security teams are facing in 2025?
One of the biggest challenges is managing systemic risk—especially in highly connected environments where one weak link can create ripple effects across an entire ecosystem. Add to that the speed at which threat actors are evolving, often faster than most companies can adapt, and it becomes clear why agility is just as important as control. Security teams are being pushed to protect broader attack surfaces while staying ahead of increasingly targeted and sophisticated threats.
What unique cyber risks or regulatory pressures are shaping strategies in the DACH region right now?
The DACH region has a strong regulatory environment, whether it’s DORA or NIS2, but that also comes with increasing pressure to prove resilience and compliance—particularly for critical infrastructure and financial services. At the same time, there’s growing awareness around third-party risk and supply chain vulnerabilities, which are becoming central to security strategies here. It’s not just about securing your own perimeter anymore; it’s about having full visibility into your partners and providers too.
How are you thinking about risk mitigation in increasingly hybrid cloud environments?
Hybrid cloud comes with flexibility, but also complexity. Risk mitigation in these environments starts with clear visibility—knowing what assets you have, where your data flows, and who has access. It’s also about building consistent security policies across cloud and on-premise environments, automating where possible, and ensuring that your teams have the right tools to respond quickly when something doesn’t look right.
Where does AI pose a threat, and a solution, for enterprise security?
AI is both a powerful defence tool and a growing attack vector. On the one hand, it’s helping us detect anomalies faster, process huge volumes of threat intelligence, and even predict risk before it becomes a problem. On the other hand, attackers are using AI too—whether that’s generating more convincing phishing campaigns or finding new ways to exploit systems at scale. The key is not just using AI, but using it responsibly and transparently, with clear governance and oversight.
What should companies prioritise today to build genuine cyber resilience?
Resilience is not just about firewalls and tools—it’s about being ready for when, not if, something happens. That means investing in detection and response, not just protection. It also means embedding security into business processes, training teams to spot early warning signs, and understanding where your greatest risks actually lie. And importantly, resilience needs to be built with your entire ecosystem – your partners, vendors, and customers – in mind—not just your internal teams.
What vital information can attendees expect to learn at your session?
I’ll be sharing how Mastercard approaches cyber resilience at scale—from how we manage systemic risk, to how we handle third-party threats, and how we adapt as the threat landscape evolves. It’s a real-world look at what it takes to stay secure in a constantly changing environment, while still enabling innovation and trust in digital interactions.
Whether you’re in payments or another sector, the goal is the same: stay ahead of the threat curve without slowing down innovation. And for those in the payment industry, there’ll be some real-world insights into how we keep transactions secure while enabling seamless digital experiences.
Join Ria at Cloud & Cyber Security Expo Frankfurt for insights on building DACH-wide and global cyber resilience.
