Podcast Summary: "Cyber resilience for small enterprises"
Podcast: GZERO World with Ian Bremmer
Date: February 12, 2026
Host: JJ Ramberg (for this episode, filling in for Ian Bremmer)
Guests: Shamina Singh (Founder & President, Center for Inclusive Growth at Mastercard), Brian Cute (Interim CEO & Director of Capacity and Resilience, Global Cyber Alliance)
Episode Overview
This episode focuses on the increasingly critical issue of cyber resilience for small businesses, with a particular lens on Southeast Asia—a region experiencing dynamic growth in entrepreneurship. As digital transformation accelerates, small enterprises emerge as both engines of economic opportunity and vulnerable targets for cybercrime. The episode explores the scale of the threat, the importance of collaborative solutions, and the unique challenges of tailoring protection across diverse markets. It features practical insights and real-world case studies from leaders at Mastercard and the Global Cyber Alliance.
Key Discussion Points & Insights
1. The Threat Landscape for Small Businesses
-
Supply Chain Vulnerability:
- Small businesses often represent the "weakest link" in global supply chains, making them lucrative targets for cybercriminals.
- "When you really think about how its supply chain works, it's a feeding ground for cybercriminals with small businesses who aren't protected." — Brian Cute [00:00]
- Attacks on small suppliers can compromise entire networks, leading to cascading disruptive effects for major national and international companies.
- Small businesses often represent the "weakest link" in global supply chains, making them lucrative targets for cybercriminals.
-
Scale of the Problem in Southeast Asia:
- In 2023, fraud and scams cost small businesses in Southeast Asia between $18–37 billion.
- "What our research shows is that about one in four businesses have been attacked." — Shamina Singh [00:14], [03:56]
- More than half of attacked SMEs do not recover and are forced to close within 6–12 months of a serious cyber incident.
- In 2023, fraud and scams cost small businesses in Southeast Asia between $18–37 billion.
-
Digital Acceleration Meets Cyber Risk:
- Massive population growth and greater digital penetration increase both business opportunity and exposure to new risks.
- "A billion people joined the middle class over the last 10 years in this region. A billion more will join... That's an enormous amount of purchasing power..." — Shamina Singh [03:06]
- Massive population growth and greater digital penetration increase both business opportunity and exposure to new risks.
2. Why Small Businesses Are Vulnerable
-
Gaps in Education and Resources:
- SMEs may lack basic knowledge or affordable access to cybersecurity tools.
- "Small businesses... they just don't know what they don't know. IT and cybersecurity by its nature is kind of a complex topic." — Brian Cute [05:08]
- Only about two-thirds of ASEAN SMEs use basic cybersecurity software [03:19].
- SMEs may lack basic knowledge or affordable access to cybersecurity tools.
-
Local and Global Ripple Effects:
- A cyberattack on a village shop can threaten livelihoods locally and destabilize supply chains globally.
- "A chain is only as strong as its weakest link… Not only can it take out the small businesses, it can actually compromise the data of large enterprises as well." — Brian Cute [06:15]
- A cyberattack on a village shop can threaten livelihoods locally and destabilize supply chains globally.
3. How Stakeholders Are Responding: Solutions and Collaborations
-
Case Study: Indonesia
- Mastercard and the Global Cyber Alliance collaborated on programs (Academy 2.0, Strive) to deliver bespoke content, curriculum, and toolkits for SMEs.
- Emphasis on "meeting businesses where they are, in their local language… pointing them to free tools." — Brian Cute [07:58]
- Translation into Bahasa Indonesia led to rapid uptake: 40,000 toolkit downloads in a short time, indicating strong demand [09:21].
- Mastercard and the Global Cyber Alliance collaborated on programs (Academy 2.0, Strive) to deliver bespoke content, curriculum, and toolkits for SMEs.
-
Designing for Diversity
- Southeast Asia is not homogenous: solutions require local translation and cultural/contextual adaptation.
- Clip from Temasek CEO Dilhan Pillay Sandrasegara: "You can't compare Singapore... with Malaysia or Indonesia or Philippines..." [11:37]
- "Contextualization is a really important part... curriculum is meeting the user where they are in their digital journey." — Brian Cute [12:34]
- Southeast Asia is not homogenous: solutions require local translation and cultural/contextual adaptation.
-
Leveling Access & Content:
- Programs consider different cyber "maturity levels"—from solo entrepreneurs using a family smartphone to larger SMEs with networked infrastructure.
4. The Evolving Landscape: New Attack Vectors & AI
- AI & Deepfakes:
- Attackers now use AI for more sophisticated phishing, scam campaigns, and deepfake audio/video.
- "There are campaigns now... based solely on phishing and on manipulation... thanks to LLM you can craft any content in any language... AI-based deep fake attacks, fake sound, fake video. You think you talk to someone and you're not." — Stephane Duguin, CyberPeace Institute [15:39]
- AI lowers attackers' costs and scales attacks to unprecedented levels.
- "People are four times more likely to click through on an AI assisted attack than a traditional one before deepfakes." — Brian Cute [16:33]
- Attackers now use AI for more sophisticated phishing, scam campaigns, and deepfake audio/video.
Notable Quotes:
- "...within two years time, we're literally going to experience what I call a tsunami of incredibly sophisticated scam and phishing attacks." — Brian Cute [17:49]
5. What Getting It Right Looks Like
-
Collaboration and Scalable Response
- No organization can solve this alone: governments, companies, NGOs, and platforms all have distinct and complementary roles.
- "The challenge is our current models aren't scaling fast enough... We need a coordinated response. This is a global threat. We need a lot of companies to come together and start investing in cybersecurity." — Brian Cute [19:12]
- No organization can solve this alone: governments, companies, NGOs, and platforms all have distinct and complementary roles.
-
Mastercard’s Commitment
- Programs such as the Mastercard Trust Center, Digital Doors, and Small Business Navigator are designed to act in real time.
- Mastercard has recommitted to connecting and protecting 500 million individuals and SMEs by 2030.
- "...by 2030, we will connect and protect 500 million individuals and small business owners on their journey to financial security and financial health." — Shamina Singh [21:49]
-
Education Is Ongoing
- Emphasis on helping new entrants to the digital economy become not just digitally savvy, but also securely empowered.
- "It's not just about economic growth... It's also the security piece of it. It's absolutely essential." — Brian Cute [22:45]
- Emphasis on helping new entrants to the digital economy become not just digitally savvy, but also securely empowered.
Memorable Moments & Notable Quotes
| Timestamp | Quote | Speaker | |---|---|---| | 00:00 | "When you really think about how its supply chain works, it's a feeding ground for cybercriminals with small businesses who aren't protected." | Brian Cute | | 03:06 | "A billion people joined the middle class over the last 10 years in this region. A billion more will join the middle class over the next 10." | Shamina Singh | | 05:08 | "Small businesses... they just don't know what they don't know. IT and cybersecurity by its nature is kind of a complex topic." | Brian Cute | | 06:15 | "A chain is only as strong as its weakest link… Not only can it take out the small businesses, it can actually compromise the data of large enterprises as well." | Brian Cute | | 09:21 | "The partnership... does the first bit about creating a toolkit that can be easily distributed and delivered to small business owners in a way that doesn't necessarily mean they have to sacrifice a ton of their time, energy or resources." | Shamina Singh | | 12:34 | "Contextualization is a really important part... curriculum is meeting the user where they are in their digital journey." | Brian Cute | | 14:11 | "Fraud also looks like sticker switching... criminals will change the sticker on the QR code... to load malware onto your phone instead of what you think is maybe the price tag of a bottle of water." | Shamina Singh | | 16:33 | "People are four times more likely to click through on an AI assisted attack than a traditional one before deepfakes." | Brian Cute | | 17:49 | "...within two years time, we're literally going to experience what I call a tsunami of incredibly sophisticated scam and phishing attacks." | Brian Cute | | 19:12 | "We need a coordinated response. This is a global threat. We need a lot of companies to come together and start investing in cybersecurity." | Brian Cute | | 21:49 | "...by 2030, we will connect and protect 500 million individuals and small business owners on their journey to financial security and financial health." | Shamina Singh |
Timestamps for Major Segments
- [00:00–03:19] The threat landscape for small businesses in Southeast Asia
- [03:20–05:47] Vulnerabilities: education, resources, and real-world impact
- [05:48–07:39] Ripple effects in supply chains and global commerce
- [07:40–09:09] Collaborative programs: Indonesia case study
- [09:10–12:19] Education, localization, and toolkits in action
- [12:20–15:20] Customization for diverse economies and populations
- [15:21–18:10] New cyber risks: AI-driven scams, deepfakes, rapid innovation
- [18:11–20:27] Scaling solutions and coordinated global action
- [20:28–23:04] Mastercard’s commitment and concluding reflections
Takeaways
- Cyber resilience is essential for small businesses, especially in rapidly digitizing and diverse markets like Southeast Asia.
- The problem is vast and growing, magnified by both digital proliferation and increasingly sophisticated cybercrime.
- Solutions require both education and accessible technology—delivered in local context and language, and tailored to varying levels of cyber maturity.
- Collaborative, multi-stakeholder initiatives are crucial to keep pace with evolving threats and to scale protection fast enough to match the scale of the challenge.
- AI amplifies risks, but also offers defense opportunities—staying ahead demands constant adaptation and coordination across sectors.
- Mastercard and partners are investing deeply in programs to bring millions into both the digital and the secure economy.
For anyone interested in the future of small business, digital growth, and cyber risk, this episode provides both a sobering view of the stakes and an inspiring roadmap for building resilience from local shops to global supply chains.
