A recent article in Social Media Today had the arresting headline, “Why Marketers Are Now in Charge of Cyber Security.” Let’s think about that for a minute.
Hacking isn’t anything new. For over a decade, we have witnessed data breaches of increasing scale and ferociousness, attacking hundreds of companies, governments and institutions without prejudice. U.S. data breaches in 2016 hit an all-time record high of 1,093. It’s assumed that any entity with potentially valuable financial or customer data is a target.
Consumers, Businesses – All Data is at Risk
The most publicized breaches, such as credit card data theft, usually affect consumer-facing companies at the end of the supply chain. B2B companies are also exposed to data losses but don’t seem to have made the same headlines. Hacked companies include internet service providers, such as Dyn and GoDaddy, where data breaches and denial of service have afflicted scores of companies and millions of users. The most recent data breach involved Qantas, whose outbound Melbourne passengers received an email containing private information of other passengers.
ISACA, a professional security standards organization, says that cybersecurity trends include extortion linked to the internet of things (IoT) and hacker penetration of cloud providers. Two additional trends have direct marketing implications:
Social media has been called the new “superhighway for cybercrimes.” Some security professionals estimated that there may have been as many as 30 million malicious posts on social networks on one day during the December 2016 shopping season, and hackers are phishing social networks for credit card details and other financial information.
Marketing, Sales Must Step Up
Once a headache for the IT department, the battle for cyber security should be a shared responsibility with data-hungry marketing and sales professionals. This is a joint risk management arrangement that I’ve endorsed on other occasions, most recently among airline loyalty and fraud professionals at the November 2016 LFPA Conference in London. Unfortunately, marketing and sales executives don’t tend to play well with risk and IT security professionals.
The marketing approach to cyber security often runs headlong into its goal of establishing the best possible customer experience. IT teams may try to compromise by establishing less annoying security procedures — a possibly counterproductive option. Marketing needs to take a more expansive view of data security and to share accountability.
If you need to scale up your security efforts, consider deploying a “cyber resilience” action plan. This approach would rely explicitly on a cross-functional working group that includes sales, marketing and IT to reduce risk management costs, time to recovery and reputational damage of a breach.
Research shows that most users are skeptical about web security anyway, and more than two-thirds make negative associations with a brand that is linked to data breaches.
What’s the payback?
A strengthened relationship between marketing and IT is good defense. The stakes are high. Consider the Yahoo example. As I write this, reports are circulating that the Securities and Exchange Commission is investigating the company for delaying disclosure of data breaches that might have affected more than a billion users. Verizon’s $4.8 billion purchase offer for Yahoo is in jeopardy.
This is a classic crisis communications dilemma, and one for which Yahoo seems to have only itself to blame. Research shows that most users are skeptical about web security anyway, and more than two-thirds make negative associations with a brand that is linked to data breaches.
The flip side is that brand associations improve when customers and business partners detect that adequate security precautions have been taken. If this is the case, and research suggests it is, here’s a fair question: Can you find a brand- and sales-building opportunity if you, as a marketing professional, effectively establish and leverage online security measures to build trust with customers and business partners?
The Harvard Business Review (HBR) recently noted that online security and customer intimacy “go hand in hand.” After working with the CIO (and IT team) to establish the best security practices, marketing can help build business retention and loyalty by helping customers better understand that security is embedded in the company’s culture and business practices, and that their security concerns really do matter.
As the HBR put it, “The increased sales and potentially decreased security liabilities will be good for your business, your brand, and your profits.”
In our current business climate, anything that companies can do to increase customer trust and boost transparency can serve as bulwarks against always-present cyber threats.