Cybersecurity Isn't Just an IT Problem—It's Also a Marketing Problem
Cybersecurity plagues entire companies, but only some departments are pushing it to be top of mind. The data sets and tools that marketers work with, for example, are prime targets for hackers, and marketing teams have to be more cognizant of the threats they face. eMarketer’s Sean Creamer spoke with Lynne Koreman, CMO at cybersecurity training company CyberVista, about how cybersecurity and marketing practices can be intertwined.
eMarketer: Do marketers really understand the threats facing their wide-ranging access to consumers and their data?
Lynne Koreman: Marketers ask the right questions about privacy and protection, but sadly they also ask, “How fast can we go with implementation?” Driving revenue and consumer interest is always top of mind for marketers, but considerations around protecting customer data have to come first. For example, every marketer needs to understand where their data lies, how it’s segmented from other databases and how it’s being protected.
eMarketer: What marketing tasks are most susceptible to an external threat?
Koreman: Email, because it’s the lifeblood of many marketers who speak on behalf of companies. Email marketers are front and center, making them easily identifiable to bad actors wanting to impersonate them. Phishing scams are rife right now, and it’s imperative for marketers to ensure that their outreach cannot be cloaked, duplicated or misrepresented. Email communications must appear trustworthy to customers, allowing them to feel secure when clicking to learn more.
eMarketer: Is cybersecurity an issue that needs to be tackled directly by marketers, or is IT responsible for it?
Koreman: Cybersecurity is siloed as an IT problem, but marketers must understand that cyberrisk is an enterprise risk. A change in mentality has to start at the top. CMOs should say, “How do I better understand this to protect my company?” If data is on the cloud, marketers need to ask: “Where is it on the cloud? How is it cut off from other things?” Marketers must understand cyberrisks and how they relate to protecting their own organizations as well as their consumers’ data.
eMarketer: Where does the push for cybersecurity usually come from internally at organizations?
Koreman: Bolstering cybersecurity is a strategic decision that must come from all parts of an organization. But IT is mainly driving cybersecurity initiatives. There are companies out there pushing cyberawareness from the top down and the bottom up, but that isn’t happening in the marketing space.
eMarketer: Which team members typically take charge to educate marketers on cybersecurity?
Koreman: This is where the chief information security officer role shows its importance. If they work with CMOs to get them the education and training needed, then marketing teams can work in concert with security teams. It should never be “us vs. them.” If marketing leadership, IT leadership and security leadership are all on the same page, they can keep their information and their customer data secure.
eMarketer: What are some cybersecurity best practices marketers should follow?
Koreman: Marketers across the board must think: “How secure is my data? Who has access? Am I using two-factor authentication for everything I do?” Marketers are often on the road, so they should always use their company’s VPN over public Wi-Fi.