With the rapid rise of ad tech, mobile marketing and social media, the CMO inhabits an increasingly virtual realm that is closer to the customer than ever before. Managing a vortex of consumer data, digital campaigns and app development also exposes the CMO’s organization to cybercrime. Indeed, cybersecurity is quickly becoming a primary challenge and responsibility for enterprise CMOs. To reap the rewards of marketing success and competitive advantage, they must have a thorough grasp of the risks.
The cybersecurity threat landscape is highly dynamic, and cyber criminals are as focused on reaching your customers as you are. You need a strategy that prepares the marketing organization — and in collaboration with the C-suite and the board of directors (BoD), the entire enterprise — to respond effectively to threats and negative incidents. CMOs are tasked with brand management, and a brand’s reputation is likely to be the most visibly damaged asset in the aftermath of a breach. Likewise, data-driven marketing is fueled by customer trust. Preparation, protection and responsiveness are key to containing the damage and preserving that trust.
Collaboration Is Key
Digital technology has created limitless opportunities, enabling greater brand engagement and innovative customer experiences. On the other hand, it has exponentially increased enterprise vulnerability. With the increased use, integration and interconnection of mobile devices, the network perimeter is blurry and porous, complicating security efforts. Marketers must incorporate security frameworks into their strategic marketing plans and determine how to solicit and deliver valuable customer insights safely.
CMOs are key drivers of digital-based growth for most organizations, yet many are not in the habit of working with the CIO and certainly not with the security department. So, how can the CMO improve in these areas? It starts with increased communication with the CEO, CIO and the BoD.
The leaders at the top of an organization have the clearest view of the “big picture,” and a duty to share it across the enterprise. A sincere, shared commitment to a common vision is the heart of a good relationship between the CMO and the BoD. If this synergy between the BoD and the CMO is lacking, collaborating on complex issues like cybersecurity and data management will likely be frustrating. Successful engagement requires careful preparation and sustained effort; the trust earned through this process provides a shortcut in future collaborations and a buffer when delivering bad news.
Optimizing security practices should be an enterprise-wide mission, and every executive is responsible for clearly demonstrating that it is a top priority. Among the most important defenses any company has against cybercrime is a widespread and deeply rooted culture of security that is bolstered by exemplary leadership, regular training, strong policies and enforcement. CMOs are uniquely positioned to create powerful messages about the value of security for employees and customers, alike. Organizations where all stakeholders work together toward building a strong defense will be most likely to thrive under the immense pressures at hand.
In the event of a breach, CMOs will suddenly find themselves on the frontlines. The most evolved enterprises know that a solid security posture includes careful incident response planning. CMOs are an essential part of this conversation, and should map out a detailed strategy for how brand, customer and product concerns will be addressed in the aftermath of a breach. There are many lessons to be learned from recent high-profile breaches; financial and reputational damage will be amplified or mitigated depending on the speed, credibility and efficacy of the response. A thorough and data-driven exploration of post-breach scenarios — especially those involving public perception and crisis management — will help convince resistant CEOs and BoDs of the centrality of the CMO’s role to security and incident response planning.
CMOs Must Focus on Information Security
There are three specific areas of information security that CMOs should always keep in their lines of sight. These areas — Big Data, Internet of Things and privacy regulations — are not mutually exclusive and can overlap to magnify risks.
Let’s review each of these from the CMO’s perspective:
CMOs love “Big Data,” as it presents marketing opportunities that are rich in customer profiling and interaction, allowing marketing to direct the business proposition at an individualized level. As Big Data continues to evolve as a game-changer for businesses, the associated security risks mushroom. Consumers are increasingly alarmed about how much of their personal data is being collected and with whom the data is being shared. They want to know how businesses are going to protect them and their data, especially when it comes to personally identifiable information (PII).
There is a strong need for better engagement among key stakeholders and joined-up thinking throughout organizations, from the CMO’s office to the IT department. Continuous collaboration around the adoption of clear guidelines and best practices on the use, storage, encryption and transfer of data is imperative to both brand reputation and customer security.
Across the board, executives are faced with overseeing extremely large amounts of data, which is simultaneously a burden and an opportunity. Marketing executives tasked with managing company data must find a balance between everyday data management tasks and strategically leveraging data through analytics and advertising technology.
The Internet of Things
The “Internet of Things” (IoT) is a sensational convergence of connected technology that has the potential to empower and advance individuals and businesses worldwide.
In today’s global society, nearly every person and smart, connected product we use — from smartphones to toasters to cars — is always on and always transmitting data. Whether it’s for warming our cars on a cold morning or determining what your husband took from the refrigerator during his midnight snack, it will all be carried out from mobile devices. This is a wonderland of opportunity for CMOs, enabling granular insight into behavior that can be used to drive the introduction of new services and products, predict product failure and reach hidden markets. Context-based marketing targets individuals with products they need, at the point in time and place they require them, at an optimal price.
Moving forward, IoT systems will help businesses track remote assets and integrate them into new and existing processes. They will also provide real-time information on asset status, location and functionality that will improve asset utilization, increase productivity, and enhance strategic planning. But the security threats of the IoT are broad and potentially devastating. Organizations must begin planning now to ensure that such deeply interconnected technology adheres to high standards of safety and security, for the sake of consumers and companies alike.
Privacy and Regulation
Most governments have already created, or are in the process of creating, regulations that impose conditions on the safeguarding and use of PII, with penalties for organizations that fail to sufficiently protect it. As a result, organizations need to treat privacy as both a compliance and business risk issue, in order to reduce regulatory sanctions and commercial impacts. For example: reputational damage and loss of customers or contracts due to privacy breaches.
In Europe especially, we note an increase in plans to regulate the collection, storage and use of information. These regulations will likely include severe penalties for loss of data and mandates for breach notification. Expect this trend to continue and expand beyond the EU; compliance with data regulations will impact every department in the enterprise and require input from CMOs, CEOs and BoDs, in addition to security teams.
For CMOs in multi-nationally dispersed organizations, this represents a mounting challenge. Deploying compliant infrastructure and campaigns across multiple legislative environments is complex and in a constant state of flux. The global enterprise BoD is focused on continuity, control and business effectiveness. CMOs will play an increasingly visible and pivotal role. The BoD and CEO now rely on them to proficiently lead brand, channel, product and innovation efforts toward a competitive advantage, without falling foul of emerging privacy and data management legislation.
Preparation Is the Best Protection
The cyber stakes are higher than ever before, and we’re not just talking about personal information and identity theft any more. High-level corporate secrets, vital infrastructure and brand image are constantly under attack.
Cybercriminals are highly organized, using sophisticated technology to carry out their attacks undetected. Cyber threats are both more varied and more pernicious, causing damage on a broader and grander scale. Cisco estimates the global cybercrime market is currently worth between $450 million to $1 trillion. By 2019, cybercrime will cost businesses more than $2 trillion, nearly four times the estimated cost of breaches in 2015.
Organizations are under attack by organized crime (the digital Mob), state-sponsored covert operatives and hacktivists. Each group targets a different asset in accordance with their motives — money, PII, trade secrets and reputation. Recently, financially and politically motivated hackers have leveraged the value of brand reputation and the trust-based relationships among suppliers, customers and partners to cause disruption, expose those in power, and demand ransom payments.
Businesses and leaders will be left in ruins in the wake of such reputational and financial damage. Preparation is paramount. CMOs must work closely with the CEO and BoD to ensure the organization is ready to face these ever-emerging challenges by prioritizing data protections and incident response planning. Leaders need to track emerging trends, and keep an eye on the horizon. By honing their security expertise and proactively confronting the security challenges inherent to digital marketing, CMOs can successfully raise their profiles in the C-suite and increase their levels of engagement across the enterprise. It’s the CMO’s job to make sure the brand stands out. Now it’s also the CMO’s job to make sure it’s for the right reasons.