IT departments can either be a force multiplier or a significant hindrance to chief marketing officers and their fellow executive team members. For the CMO, the digital transformation of their business is a critical need often shut down or delayed by IT departments. Why? The leadership within IT departments is all-too-often focused on stabilizing the technology infrastructure to keep the business running instead of supporting new strategies and tools for growth. Additionally, the fact that many IT budgets have been slashed has only exacerbated the problem.
Rapid product development and digitization of those offerings are key metrics for a CMO’s success. The pandemic clearly accelerated plans for companies to move their infrastructure to the cloud, but the unanticipated nature and speed of the shift resulted in confusion and security challenges for countless organizations. That expanded dependence on digitization and the cloud became a double-edged sword that offered new efficiencies while at the same time created gaps in protection that could become a huge problem.
THIRD-PARTY PROVIDERS
In cases where IT teams are unable to support the immediate needs of the CMOs, the CMO’s team has been known to bypass their own IT departments entirely and work with third-party providers to get their product offerings to market or to begin using apps needed to be successful. This creates a “shadow IT” dilemma that results in employees inadvertently sidestepping the usual security controls – creating substantial risk for the overall business. Who is monitoring or securing the company data in the cloud? What happens if a personal mobile device gets hacked and it contains confidential company information? The results can be devastating.
Time-to-market of offerings is critical, and when IT departments tell CMOs it will take weeks if not months, they feel compelled to find alternatives. The consequences of a competitive marketplace and of not working with IT can severely harm the business in the form of breaches that result in both proprietary company data and normal operating business data being stolen. CMOs need to care deeply about cybersecurity and align their objectives with the overall business risk models.
Deloitte issued a study on the hidden costs of a cybersecurity breach and used the tip of an iceberg view to illustrate these unseen public costs. Below the water level some of the impacts included:
· Devaluation of trade name (brand image suffers)
· Lost value of customer relationships (loss of trust from current and future clients)
· Value of lost contract revenue (who would want to do business with you now)
Clearly, these would be a nightmare for CMOs, yet they happen every day. Just look at some of the latest headlines from SecurityWeek:
Quite often the corporate infrastructure perimeter is not hacked into, but rather the adversaries are using targeted phishing emails tricking individuals to give up their credentials. I call this the inside-out hack. Once in, they are able to get more and more privileges within the corporate systems via lateral movements.
What you have to ask yourself is how do these phishing emails make it past your email provider or your email security provider. Afterall, that’s what they do all day, every day in mass. Unfortunately, there is no panacea email protection offering out there however there are key options available which we’ll explore below.
CYBERSECURITY AWARENESS TRAINING
Have you trained your employees on what to look for in phishing emails, and if so, have you done the same for your executives? Believe it or not, many times it’s an organization’s executives (who have higher privileges within the corporate infrastructure) that are targeted and unknowingly surrender their highly valuable credentials. Together with spoofing techniques, companies are losing hundreds of thousands of dollars. Vigilance with constant training is a must.
BUDGETING FOR IT
CMOs and other lines of business executives need to ensure that a part of their budget for IT projects includes cybersecurity. You need cybersecurity that focuses on trackable pattern behaviors your adversaries could potentially use. Things don’t happen by coincidence, but rather with proven patterns or techniques. What’s needed is a cloud-based tool that can monitor the entire corporate environment to identify these behaviors and put together an anomaly trail. Fluency Security is such a tool.
DATALAKES vs. DATASTREAM
The challenge is that many companies use security tools that pump all the incoming log data into big data lakes that must then be sifted through with long complicated searches. This is backwards. Companies need to interrogate the data as it’s streaming in using tested and proven behavioral rules that can detect these patterns in real-time before the data is written to the database. Real-time alerting is then possible and helps the business detect and protect in very short periods of time.
REAL-TIME with FLUENCY SECURITY
Fluency Security is a leading-edge cybersecurity tool that can help provide CMOs and their fellow business executives with the confidence they need to effectively and efficiently do their job. Fluency detects anomalies in real-time and alerts your security teams so they can intercept and stop the activity before it harms the business. Timing is everything when an incident occurs. Can you afford to let your IT department assert they have data exfiltration in the cloud under control? Schedule a demo call with Fluency Security today.