Over the last few years, data breaches have increased both in impact and severity. When data is compromised, it not only has a direct impact on revenue due to downtime and penalty, but it also erodes brand reputation.
The erosion is difficult to quantify but it can have severe consequences such as negative perception, reduced engagement, and loss of trust, thus, influencing consumer loyalty and preferences.
A company's brand creates tangible economic value contributing significantly to its success and valuation. A good brand ensures recognition, builds trust, and creates a powerful emotional connect with customers, which eventually translates into better top-line sales.
Also Read: How to keep data safe from cyberattacks
As online channels gain significance, brands are increasingly using digital technologies to deliver unique experiences to their customers.
On their part, customers are far more open to sharing personal information with the brand in exchange for a superior and personalised experience.
Therefore, given the brands collect, store, and transmit private information from customers they are answerable for its safety. Any data breach is likely to impact customer confidence and trust. As a result, both brand value and market capitalisation take a huge hit.
Studies indicate that a data breach can cause 65% of consumers to lose trust, while 85% would stop engaging with the organisation. While brands eventually regain consumer trust after a breach, it can still cause a significant dent in revenues in the interim.
For instance, when the target, a leading US retailer, faced a major breach in 2013, its stock was underperforming than that of peers, even three years after the breach.
Also Read: 71% of facility managers concerned about operational cybersecurity: Honeywell survey
Given the magnitude of damage data breaches cause on brand reputation, it is critical that conversations on cybersecurity move beyond the CISO's office and extend to the entire leadership, especially, marketing. As brand custodians, marketers are familiar with the pulse of the customers and know best what works for them.
To digitalise customer experiences, marketers often select, buy, and maintain their automation portfolio. However, the digital landscape is becoming increasingly complex with rapid, new technological innovations that add new vulnerabilities.
In such a scenario, it becomes necessary for marketers to collaborate with the IT teams and the CISO's office to ensure that the brand they build continues to deliver value and remains intact.
There needs to be a shift in mindset from viewing cybersecurity as a cost centre to acknowledging its importance as a powerful differentiator.
In general, we can classify the process of insulating brand reputation against the impact of data breaches under the following buckets:
While marketers often view their role through the lens of brand building and promotion, they also need to consider protecting the brand.
They are responsible for ensuring that brand reputation remains intact during any cyber incident. This could mean instilling a "culture of security" within the organisation by consciously building upon the strategic importance of cybersecurity. This ensures that the responsibility for security doesn't just lie with the IT organisation but pervades all departments.
A best-in-class marketing technology stack can provide clarity through measures, metrics, and analytics that prove invaluable when recovering from a cyberattack.
For instance, marketing departments often invest in solutions that provide insights into the target audience or help measure the effectiveness of marketing and social media campaigns.
Tools are also used for data visibility, management, and reporting. The technology stack used must always be secured using the principle of 'secure by design'. This ensures that the marketing team can manage the risks they are exposed to.
No organisation today can function successfully in a silo. Its supply chains can often bring in significant vulnerabilities, given that there is limited control and visibility available to the organisation.
Therefore, assessing supply chain risks and addressing them as a part of the corporate governance function goes a long way in ensuring better protection.
Even the most robust security infrastructure is susceptible to attacks. Therefore, proactive planning and a crisis communication strategy that can help reassure stakeholders and minimise damage to reputation are essential. A robust cyber resilience programme can help organisations bounce back quickly from an attack.
If brands hope to build on existing customer trust, a well-defined, evolving cybersecurity strategy coupled with a recovery plan in the event of a breach is vital.
While one cannot ensure 100% protection against data breaches, building the right frameworks and a conducive culture goes a long way in minimising the risks.
(The author is Chief Information Security Officer & Head of Cyber Security Practice, Infosys.)
Copyright©2021 Living Media India Limited. For reprint rights: Syndications Today