Director of Information Security Forum Says Chief Marketing Officer Should Have Major Role in Security along with CIO, CEO and Board
The Information Security Forum describes itself as a not-for-profit organization that supplies “authoritative opinion and guidance on all aspects of information security.” In a piece on adage.com, Steve Durbin, managing director of ISF, offers his opinion on a CMO’s role in security and when there is a breakdown in security, i.e., a breach. The following has been excerpted from his story and edited to fit our format. You may find the full article by clicking on this link.
CMOs are key drivers of digital-based growth for most organizations, yet many are not accustomed to working with the CIO and certainly not in the habit of collaborating with the security department. So how can the CMO improve in these areas? It starts with increased communication with the CEO, CIO and the board.
Culture of security
One of the most important defenses any company has against cyberthreats is a widespread and deeply rooted culture of security, shared by all employees, that is bolstered by exemplary leadership, regular training, strong policies and enforcement.
If there’s a breach
The most evolved enterprises know that a solid security posture includes careful incident response planning. CMOs … should map out a detailed strategy for how brand, customer, and product concerns will be addressed….
Learning from the past
There are many lessons to be learned from recent high-profile breaches; financial and reputational damage will be amplified or mitigated, depending on the effectiveness of the response. A thorough and data-driven exploration of post-breach scenarios will help convince resistant CEOs and boards of the importance of CMO involvement in security and incident response planning.
Dealing with a data breach
In the wake of a headline-grabbing data breach…[many say] a CMO should [pull] back planned traditional ads and [let] outreach about the breach speak for the brand for a bit. This would be followed by new ads that address the breach and try to pivot the brand forward…..
[The] CMO [should] review any planned publicity or external communication in the wake of a breach and be intimately involved in how the brand is managed…. The follow-up steps are then to provide information about how the breach is being handled, how it has been managed and how the company has dealt with the issue. It is all about creating transparency and being seen to be communicating in an ethical and trustworthy manner — rather than using it as either a PR opportunity or attempting to pull the wool over people’s eyes, nor pulling down a veil of silence.
The time is right for CMOs to step up to the plate and work with the CEO and board of directors to ensure that their organizations are better prepared and engaged to deal with these challenges. By rising to the marketing and security challenges inherent to the digital enterprise, CMOs can successfully raise their profile in the C-suite and increase their level of engagement across the organization — two of the main objectives of many ambitious CMOs.
ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.
ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 850 million monthly transactions and protects more than 210 million active user accounts across 3,000 customers and 15,000 websites.
The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.
For more information, visit www.threatmetrix.com or call 1-408-200-5755.