Article Index


Marketing Professionals

Marketing professionals have a pivotal role to play in the cyber security of their organization. Cyber risk has become a high priority for organizations who are concerned about the theft of personal information. Although it has typically been the concern of CIOs, CISOs, and CTOs, the time has come for CMOs and marketing professionals to also focus on cyber risk.

As today’s businesses move toward a world where data privacy and customer data protection practices are heavily scrutinized, marketers need to become major stakeholders in cybersecurity planning and implementation.

The Small Business Administration (SBA)’s Cybersecurity portal provides online training, checklists, and information specific to protect online businesses. 

We’ve compiled a list of best practices for marketing professionals to follow to protect their own assets.

  • Customer data must be continuously managed and safeguarded. Make sure you know where your client's data is being stored and that it's being kept secure. Understand the data that your business has. Where is all of the data stored? What is all the data that you have? What is the relative value of the data?

  • Partner with your IT team. It’s no longer enough for marketing leaders to simply inform IT they’re adding new tools - it's important they are involved throughout the lifecycle of the product and that they maintain consistent and effective communication with their tech support team. Security programs and processes should be woven into everything that marketers do - they should be genuine stewards of information security best practices.

  • Having an effective email security strategy in place is imperative to the safety and success of marketing professionals. The best defenses against advanced modern threats involve working with the key people, executives, and digital assets within an organization to ensure a comprehensive approach to risk management to address new threats is put in place.

  • Create a section on your corporate website that discusses security and how seriously you treat customer data. The goal is to make visitors to your website more aware and cautious, which will in turn keep your company’s data more secure. This is especially important if you're an email marketer.
  • Understand your internal threats. Information Technology groups within a company should have a strict policy in place that defines who is allowed access to which types of data. Make these policies as restrictive as possible, especially when information such as email addresses or passwords is involved.

  • Filter outbound email. Internal users are the most dangerous because of the trust relationship they already have within the organization. Making sure all email is filtered will help to ensure a local compromise won't distribute spam or malicious content to your users or external clients.

  • Avoid free security software. Generally speaking, they are not thorough enough for today's more malicious threats. Cyber thieves will take advantage of your weakest link. Don't assume you have nothing to risk or that you're a small target. Same with free website hosting. They are not always maintained with security updates and auditing to ensure they're not being defaced or compromised.

  • Use a VPN. A virtual private network is an encrypted tunnel between you and the internal resources within a company. This VPN should be protected with multi-factor authentication to ensure an attacker who gains possession of your system can't simply gain unimpeded access to your organization. Some excellent open-source VPN options include Wireguard and OpenVPN.

  • Play a role in data breach recovery. The threat of losing customers due to a data breach is a serious challenge for marketers. It can have a detrimental impact on a business' reputation and subsequently impact customer trust and sales growth. Marketing teams must step in to manage and protect the brand’s reputation and have a strategy in place for how to deal with a potential breach should one occur. Getting hacked isn't just about the technical consequences of a breach, but it is also about how the situation is handled afterwards, and how you maintain your brand's trust with your clients. Should it happen, be transparent and forthcoming with information - not defensive.

  • Perform regular security audits. Work with your technology provider to check the security of your initiatives before going live with them, and periodically throughout. 

We’ve also compiled a list of general technology best practices that organizations can follow to protect their business in any industry.

Must Read Blog Posts

Latest Blog Articles

Recommended Reading