In a 2006 study conducted by the CMO Council, over 50 percent of consumers said they would either strongly consider or definitely take their business elsewhere if their personal information were compromised by a business. Even more disconcerting, more than half of business executives said they would either consider or would recommend taking their business elsewhere if a business partner suffered a security breach that compromised their corporate or customer data.
“The most difficult part of being a CSO or CISO is getting CEOs and CFOs to understand that IT security is a part of life, just like fire and flood insurance. You hope you never need to use it, but if you don’t have it and you have a fire, you can lose everything. If you don’t have a strong information security practice in place, the same thing can happen.
Interestingly, the CMO Council study also found 60 percent of marketers believe that security and IT integrity offer an opportunity for brand differentiation. Yet 60 percent of these same marketers said security has not become a more significant theme in their company’s messaging and marketing communications.
Support is key, and if you work with your CEO and help him or her understand what value IT security has on the big picture, this will go a long way in gaining the support of different business divisions. If you educate everyone from the top down, it helps tremendously.”
Clearly, executives who choose to ignore security are not only gambling their company’s brand and good name, they’re also losing an opportunity to differentiate themselves from the rest of the crowd.
Richard Linke, Vice President and CSO for Global Security Management Inc.
so damaging to the valuJet brand that the company had to buy AirTran for its identity and completely purge the valuJet brand from its corporate memory.
wHAT I wISH my CEO KNEw AbOuT SECurITy…
Granted, a large security breach will rarely result in the loss of human life. But the valuJet incident still offers a stark lesson in how corporate negligence can destroy a brand.
If a large bank is found to be at fault for not protecting its data assets, and customer information is spread around the world, the event will hit the news. In turn, that organization will lose brand equity, lose existing customer loyalty, and will have a harder time drawing new customers with its now- damaged reputation. The same goes for health care companies, insurance companies, big retail chains, you name it. Clearly, executives who choose to ignore security are not only gambling their company’s brand and good name, they’re also losing an opportunity to differentiate themselves from the rest of the crowd.