If you're thinking this is just a marketing problem, think again.
In a digital age, brand reputation and value now can be "significantly affected" by IT security, said Donovan Neale-May, executive director of the Palo Alto-based council for chief marketing officers (CMOs). Now, for something you may not have heard: "CIOs and CMOs, we believe, need to be much more closely aligned and integrated."
In a poll of more than 2,200 consumers in the United States and Europe, more than 50% of respondents said their concerns about information security have increased; 40% said they have stopped a transaction online, on the phone or in a store because of a security concern; 65% said they would "definitely" or "strongly consider" taking their business elsewhere if their personal information was compromised. U.S. consumers reported they were more concerned with identity theft than terrorist threats.
The mantra today for IT is not just about managing costs and business continuity, Neale-May said, but also increasing business value. "In this case, we're talking about brand reputation, brand trust, brand assurance. The IT organizations should be looking at marketing as an area of opportunity, because marketing organizations spend a large share
In his view, the link is obvious: A marketer's job is to protect, manage and shape the brand. A CIO must ensure business continuity and mitigate risk. Given the rising anxiety among consumers about information security, IT is now "business critical" for marketing and should be a component of any branding strategy, Neale-May said. "If you're a bank and your ATM is not working or your online banking site is down, all of this has repercussions for marketing. Consequently, IT security and integrity offer a new channel for brands to differentiate themselves from their competitors."
Analyst Natalie Lambert, who covers security at Forrester Research Inc. in Cambridge, Mass., agrees that security breaches -- or those that have to be reported -- do nothing to help a company's brand. "Their reputation is their lifeline," she said.
Many companies are taking precautions to ensure that security breaches, if they happen, do not have to be reported. Lambert said that if data is encrypted, companies no longer have to report the incident, even if the laptop is stolen, because the chances of being broken into are very small. Prudent companies are looking at BitLocker full disk encryption, of the type Microsoft will offer with its Vista release. Companies are also locking down systems, so corporate files can be opened only from a file server. "This is all being done because of having to report a breach if something is stolen," Lambert said.
But she is skeptical that companies will be able to use IT security and integrity as a way to differentiate their brands. "I'm not going to tell you it is utter baloney. But when I think about the consumer market I think of my mother going online to do whatever she does -- Amazon. Would some long disclosure on what the company is doing to protect her data mean anything to her?" Lambert asked. "I don't think so. We're still trying to get consumers to update their antivirus programs."
Let us know what you think about the story; email: Linda Tucci, Senior News Writer