Securing tomorrow: Cybersecurity in an always-on future

By 2030, digital commerce will be underpinned by an invisible web of billions of connected devices and intelligent agents.

Cybersecurity in an always-on future

These technologies promise a golden age of economic growth, where AI-powered assistants negotiate purchases, streamline payments and anticipate consumer needs.

Yet the very innovations fuelling this transformation also expand the attack surface for cybercriminals.

Mastercard’s latest white paper, Securing Tomorrow: Preparing for an Always-On, AI-Powered Future, offers a sobering assessment of the cybersecurity challenges ahead – and a roadmap for resilience.

A New Cyber Arms Race

The sheer scale of tomorrow’s digital economy is breathtaking.

By the end of this decade, more than 40 billion devices will be connected, each representing a potential entry point for fraudsters.

Generative AI and automation will give attackers unprecedented reach: synthetic identities complete with fake histories, images and deepfake videos could be deployed in minutes, while malware capable of adapting in real time will test and bypass traditional defences.

Already, the cost of cybercrime has ballooned to $9.5 trillion annually, a figure that would rank it as the third largest economy in the world.

By 2029, this figure is forecast to swell by two-thirds to $15.6 trillion. For governments and businesses alike, the stakes could not be higher.

Security is no longer a defensive add-on; it is the condition upon which the future of commerce depends.

Agentic AI: Opportunity and Threat

Mastercard describes the 2030s as the age of agentic AI.

These autonomous digital agents will act on behalf of shoppers, merchants and banks, orchestrating everything from chargeback disputes to credit approvals.

For businesses, the productivity gains are immense: AI promises to eliminate routine processes and unlock new efficiencies.

But the same technology that powers frictionless commerce also empowers cybercriminals.

Low-cost, scalable tools will enable attackers to conduct highly targeted scams in multiple languages, set up false storefronts, and manipulate victims with lifelike deepfakes.

The shift is not merely quantitative but qualitative: threats will become more personalised, nuanced and difficult to detect.

In Mastercard’s words, organisations that continue to operate solely “at the speed of human decision-making” will simply not keep up.

A Fragmented Geopolitical Landscape

The report also highlights the growing entanglement of geopolitics and cybersecurity.

State-backed actors are already targeting critical infrastructure, from energy grids to healthcare systems, while disinformation campaigns seek to destabilise societies.

The advent of quantum computing could render outdated cryptographic systems obsolete within minutes, further raising the stakes.

Yet the global response remains uneven.

Divergent regulatory regimes across the US, China and Europe risk creating incompatible systems – a “global AI chasm” where cooperation gives way to fragmentation.

Sir Jeremy Fleming, former head of the UK’s GCHQ and adviser to Mastercard, warns of “population-scale harms” unless governments act collectively.

Without pre-emptive collaboration, standards will only shift in response to crisis.

Building Resilience: Partnerships, Principles and Platforms

So how can businesses prepare for this turbulent future? Mastercard outlines a three-pillar approach:

1. Partnerships – Cybersecurity cannot be achieved in isolation. From small retailers to national governments, every participant in the digital ecosystem shares responsibility. Initiatives such as federated learning – where AI models are trained collaboratively without sharing sensitive data – illustrate how cooperation can deliver stronger defences while respecting privacy.

2. Principles – Security and privacy must be embedded by design, not bolted on after the fact. By treating data as something owned and controlled by individuals, organisations can build trust while ensuring resilience. Regulation, too, should focus on principles rather than prescriptive technologies, ensuring innovation is not stifled by rigid frameworks.

3. Platforms – Finally, Mastercard is investing in scalable solutions that extend beyond payment networks. From tokenisation of assets to AI-driven fraud detection, the company is building an integrated ecosystem designed to protect identities, merchants and transactions in real time. Its goal: to tokenise 100% of e-commerce transactions within five years, creating a seamless security layer across digital commerce.

Securing the Digital Economy

The next five years will determine whether the promise of AI-driven commerce is realised safely, or undermined by unchecked cyber threats.

The white paper is clear: securing payments alone will not suffice.

What is required is a collaborative framework spanning governments, businesses and consumers, underpinned by a commitment to transparency, resilience and trust.

If achieved, the outcome will be transformative. Consumers could transact anywhere, anyhow – from a car dashboard or a wearable device – confident that their data and money are safe.

Businesses could unlock the full potential of AI while minimising systemic risk. And the global economy could indeed enter a new golden age, secured not by chance but by design.