January 22, 2016 | Written by: Zeynep Tolon
I will be part of an event on January 28th with the THINK leaders community and Brian Kilcourse on retail and security. As part of preparing for this event, we discussed what “security” means to CMOs, especially why CMOs should be involved in security and privacy decisions. In particular, there are two strengths that CMOs bring to the table when discussing security:
- CMOs are in a unique position to bring in the customer’s perspective and imperatives. A recent IBM study with Econsultancy found that 73% of customers picked “Very trustworthy with my data/information” as the top identifier of a perfect company. By contrast the next most popular item was “Treat me well as a loyal customer” at 56%.
When asked what type of information they were comfortable sharing, 80% said information about what they want, types of products, etc. But only 37% were comfortable sharing personally identifiable information. So customers clearly understand the dangers of sharing personally identifiable metrics. And the marketing organization understands how important rich customer data is and how crucial it is to treat their data with the respect it deserves.
- CMOs are on the hook to minimize brand reputation impacts if and when a breach happens. Security breaches have disastrous impacts on company brand and reputation. Forty million credit card numbers were compromised in the Target Thanksgiving hack of 2013. The company spent $61 million in two months to cover damages from the breach and suffered a 46 percent loss in profit from same-quarter sales year-over-year.
Unfortunately this damage is only rising. 2015 was an especially demoralizing year. The upward trend of fraud losses as a portion of revenue for all merchants was at 1.32%, up from 0.68% in 2014. CMOs are at the forefront of damage control, working with PR and the CISO to maintain the data breach, minimize the impacts and repair the damage to brand and reputation to gain back the customers trust.
- Enforce strict guidance around PII (personally-identifiable information) One of Gartner’s top “key moves for 2016” is to develop a unified view of the customer that incorporates first and third party data, known and anonymous data and operational and analytic data. When building this view, CMOs need to actively work with your CISO to monitor security processes and educate their employees and marketers.
- Work with known vendors and third parties who have proven their trust
- Create an incidence plan so you are ready if/when a breach happens. Be transparent in informing your customers and study past examples.
- Be proactive, rather than reactive. Can you create a joint task force with security? Can you stress test your marketing data warehouses and third party connections?
I would love to hear your thoughts on the topic and examples of successful CISO-CMO partnerships. You can join the live chat on Jan. 28th at 1:00 pm ET and leave your questions in the comments section. We will be answering all questions submitted that day live.