In the age of data-driven marketing, companies are collecting and storing more customer information than ever before, while – at the same time – marketing tactics like online advertising and social media engagement have increased organizations’ attack surface.
Phishing, hacking, mimicking, click and ad fraud, malware distribution, impersonation, social engineering…the list of possible malicious actions goes on and on and new ones keep emerging. Corporate ransomware cases are grabbing the headlines, where “hostage takers” have the power to destroy trust and potentially whole businesses.
As the guardian of the corporate brand and owner of many external communication channels – marketing needs to play an active role in protecting the business from cyber threats.
COMMON ATTACK VECTORS AND WAYS TO MITIGATE RISK
A. (Marketing) Attack Vectors
“A brand’s reputation is likely to be the most visibly damaged asset in the aftermath of a breach”, says Steve Durbin, Managing Director of Information Security Forum. “Likewise, data-driven marketing is fueled by customer trust”.
“Social media exploitation — Facebook scams in particular — has officially taken the crown for the most commonly used method into an organization’s network”, according to Cisco’s 2015 Midyear Security Report.
The majority of security threats come from the inside. Your own employees are most likely to jeopardize your company’s cyber security, either due to naiveté or because they are bad apples. A recent study by Trend Micro found that “around 3 percent of employees would give up [private company] information for only $155”.
B. Risk Mitigation
One of the most important steps companies can take to fight cyber crime is to create a security culture by:
- Fostering collaboration on the topic between executive functions
- Educating employees about (ever evolving) cyber threats
- Limiting admin privileges to sensitive data
As the Ashley Madison hack revealed, weak passwords like “123456” or “password” are alarmingly common. Unique and complex passwords, two-factor-authentication and the use of team tools to share social media account access are the first line of defense when it comes to shielding systems from malicious actors.
In the age of digital transformation, data-driven marketing has become omnipresent and more customer data is being collected, stored and used than ever before, increasing the incentive for malicious actors to infiltrate corporate networks.
Hence, to mitigate cyber risks, investing in technology solutions and services is now a must for brands, and the marketing department is playing an increasingly important role in the process:
- According to CIO.com, “as more marketing departments use their budget on technology spending, the role of the CMO in IT is rising.” To acknowledge this new reality, some companies have created the role of Chief Digital Officer (CDO). A point in case: Jonathan Becher who became SAP’s first CDO after serving as CMO for many years; SAP now has a CDO and a CMO.
If you are still doubtful that you need to take action, consider that PR veteran Burson-Marsteller recently announced a new “focus on enhancing board-level and senior management awareness of the critical need for comprehensive cyber security preparation to address any type of cyber risk”.
In a nutshell:
Cyber security has become part of marketing’s responsibilities. You can’t afford to risk your brand’s reputation by staying passive. This includes creating a security culture in your organization, as well as procuring the necessary tools to protect your brand reputation or your whole business could be in danger.
If you would like to learn more on the topic, register now for the webinar: Your Brand Reputation is under Cyber Threat. Are you Prepared?
A panel of industry experts from Cyveillance, ZeroFox, BeyondTrust and eZanga will outline the most common cyber threats to brands, including phishing, social engineering, website defacement and compromise, corporate impersonation, hacking, click fraud, and insider threats and share best practices on how to detect and mitigate such threats.
- Joseph Schramm, VP, Strategic Alliances, BeyondTrust
- Evan Blair, Co-Founder & CBO, ZeroFox
- Rich Kahn, CEO, eZanga
- James Carnall, VP, Cyber Security Center, LookingGlass Cyveillance