I like to write an annual post about cyber security and Marketing. Marketing continues to be the leading function handling sensitive customer data, while heavily accessing cloud applications. Researching and writing these posts reminds me to stay vigilant and evolve, as security continues to become prevalent within all business functions. My post from last year focused on identity management solutions, and “how” employee identities can impact security. https://bizplanntoday.com/cyber-security-checklist-for-marketers/
This year, I have created a short checklist to help marketers zero-in on their cyber security preparedness. The big takeaway or theme; visibility.
- First, understand the basics behind identity management, as I shared in my post last year. Have quarterly training sessions with your team to go beyond the basic education provided by the company. The more they understand and stay disciplined, the better your chances to preempt breaches due to internal users being compromised, or acting malicious.
- Research and understand your teams usage of cloud applications. Believe it or not, the native applications (like salesforce and box) do not provide all the security measures that an organization needs. They offer security measures but leave much of the “protecting” up to the individual organization. Good Marketing comes from experimentation, which means your employees need to be trying new applications. There are now security companies like Palerra and Skyhigh, focused on securing cloud apps. The CSA has a wealth of independent downloads and resources. https://cloudsecurityalliance.org/ Understand how to protect your team on cloud applications, and strike the right balance between experimentation and security.
- Take the time to understand the stack of security measures at your disposal. Have regular conversations with the technologist in your company. Many of the security applications they already use will have settings, specifications and dashboards that you can tailor. The better you are able to fine tune your visibility, the more advanced and efficient you can become in managing the team.
- Continually educate yourself about the details behind your organizations online traffic. As Marketers, we have so much relying on our online programs; commerce, demand gen, relationship and reputation management. I recently made a visit to Neustar, on a trip to learn more about their Marketing applications. While there, I was surprised to learn about the many security products they offer. Their IP scoring solution is a great resource for identifying malicious traffic. https://www.neustar.biz/services/ip-intelligence/ip-reputation-score When you have time watch some of the webinars that document some of the trends in botnets. You would be amazed at the number of uses cases where botnets are being applied. There is a good chance that your systems are being attacked for purposes that you have not even considered as a marketer, like false orders to impact supply chain and availability to legitimate customers.
- Finally, create a detailed incident response plan. McKinsey has a good post outlining more details and the sections that you should include in your plan. http://www.mckinsey.com/insights/business_technology/how_good_is_your_cyberincident_response_plan Do scenario planning with specifics from your industry and Marketing plan, so that you can customize your incident response plan and not just rely on templates made for other companies.
Marketers don’t need to become cyber security experts or over complicate their role. Have a short but focused approach to learn more and gain visibility into your groups vulnerabilities so that you can play your part in the new era of a shared responsibility model.