Information security part of maintaining customer loyalty, experts say

By Linda Tucci, Senior News Writer 10 Aug 2006 | SearchCIO.com

IT news and analysis for CIOs Digg This!     StumbleUpon     Del.icio.us

If you're thinking this is just a marketing problem, think again.

In a digital age, brand reputation and value now can be "significantly affected" by IT security, said Donovan Neale-May, executive director of the Palo Alto-based council for chief marketing officers (CMOs). Now, for something you may not have heard: "CIOs and CMOs, we believe, need to be much more closely aligned and integrated."

In a poll of more than 2,200 consumers in the United States and Europe, more than 50% of respondents said their concerns about information security have increased; 40% said they have stopped a transaction online, on the phone or in a store because of a security concern; 65% said they would "definitely" or "strongly consider" taking their business elsewhere if their personal information was compromised. U.S. consumers reported they were more concerned with identity theft than terrorist threats.

The mantra today for IT is not just about managing costs and business continuity, Neale-May said, but also increasing business value. "In this case, we're talking about brand reputation, brand trust, brand assurance. The IT organizations should be looking at marketing as an area of opportunity, because marketing organizations spend a large share of the budget," he said.

In his view, the link is obvious: A marketer's job is to protect, manage and shape the brand. A CIO must ensure business continuity and mitigate risk. Given the rising anxiety among consumers about information security, IT is now "business critical" for marketing and should be a component of any branding strategy, Neale-May said. "If you're a bank and your ATM is not working or your online banking site is down, all of this has repercussions for marketing. Consequently, IT security and integrity offer a new channel for brands to differentiate themselves from their competitors."

Analyst Natalie Lambert, who covers security at Forrester Research Inc. in Cambridge, Mass., agrees that security breaches -- or those that have to be reported -- do nothing to help a company's brand. "Their reputation is their lifeline," she said.

Many companies are taking precautions to ensure that security breaches, if they happen, do not have to be reported. Lambert said that if data is encrypted, companies no longer have to report the incident, even if the laptop is stolen, because the chances of being broken into are very small. Prudent companies are looking at BitLocker full disk encryption, of the type Microsoft will offer with its Vista release. Companies are also locking down systems, so corporate files can be opened only from a file server. "This is all being done because of having to report a breach if something is stolen," Lambert said.

But she is skeptical that companies will be able to use IT security and integrity as a way to differentiate their brands. "I'm not going to tell you it is utter baloney. But when I think about the consumer market I think of my mother going online to do whatever she does -- Amazon. Would some long disclosure on what the company is doing to protect her data mean anything to her?" Lambert asked. "I don't think so. We're still trying to get consumers to update their antivirus programs."

Tags: Enterprise risk management,  Leadership and strategic planning,  Enterprise information security management,  Web 2.0 applications,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Enterprise risk management Four lessons in IT disaster recovery planning from an FAA outage Information security and risk management guides for CIOs Email archiving solutions and strategies for enterprise CIOs For CIOs, email deletion scandal shows need for email retention policy Swine flu preparedness: Business continuity during an H1N1 outbreak Talking swine flu and Conficker with the CIO of the CDC Tips from the CDC's CIO on H1N1 flu preparedness Tips for business continuity and contingency planning for swine flu Enterprise risk management quiz for CIOs Enterprise risk management solutions for CIOs Leadership and strategic planning CIO podcasts: Information technology and leadership news and tips Things to be thankful for: IT executives on Thanksgiving 2009 IT management FAQ guides for enterprise IT strategies FAQ: Agile practices and their role in software development Review the latest trends in ITSM and ITIL best practices CIO Briefings: IT leadership resources, business management tutorials IT and business management guides for CIOs The Real Business of IT: Download a free chapter Gartner's top 10 strategic technologies for 2010 Qualities of a great leader from Jim Collins Enterprise information security management Leveraging log management for IT and business process efficiency Information security and risk management guides for CIOs Talking swine flu and Conficker with the CIO of the CDC Network access control: Security advice for enterprise CIOs Evaluating network access control: NAC policy enforcement matters Enterprise risk management quiz for CIOs Network access control now addresses multiple needs Enterprise risk management solutions for CIOs Gartner: Future IT security jobs to focus on risk management strategy Avoiding gotchas of security tools and global data privacy laws

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary GRC (governance, risk management and compliance) software  (SearchCIO.com) sustainability risk management (SRM)  (SearchCIO.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary