Marketing executives are failing to keep pace with the financial, customer and brand implications of information security in the digital age, according to research by the Chief Marketing Officer (CMO) Council.
With customer sensitivity, media scrutiny and public awareness about security escalating in every sector of the economy, companies must do more to develop contingency plans and brand strategies to address both the risks and opportunities associated with security, the study warns.
The research, entitled Secure the Trust of Your Brand: How Security and IT Integrity Influence Corporate Brands, examines how security is impacting business value and performance, customer confidence and retention, and brand reputation and integrity.
Impact on loyalty
The survey found that information security issues - especially information breaches and lost customer data - are having a tangible impact on customer loyalty, company stock valuations, and executive agendas. The study suggests that leading corporate marketers and brand managers should (and will) play a growing role in addressing security concerns in their companies.
However, many companies have been slow to implement contingency plans, new corporate and product messaging, and other marketing and brand communications that address the security issues.
Among the study's main findings:
- While both corporate marketers and business executives indicate emphatically that security concerns are rising for their companies and their customers, only 29% of marketers say that their company has a crisis containment plan in case of a security breach. Furthermore, although 60% of marketers believe that security and IT integrity provide an opportunity for brand differentiation, 60% also say that security has not become a more significant theme in their company's messaging and marketing communications.
- Consumers confirmed that they're both worried and agitated. Sixty-five percent have experienced some kind of computer security problem. More than half would either strongly consider or definitely take their business elsewhere if their personal information were compromised.
- Many business customers are also ready to sever relationships over breached data. Half of all corporate executives polled said they would either consider or would recommend taking their business elsewhere if a business partner suffered a security breach that compromised their corporate or customer data.
- Factiva reports that more than 17,000 distinct articles were written on security breaches and issues from January 2005 to July 2006, and media coverage of security breaches is having a significant brand impact on the companies involved. In several cases, security coverage of specific companies that suffered a breach accounted for more than half of all stories written about those businesses in 2005. Emory University researchers found that a company loses, on average, from 0.63% to 2.10% value in stock price when a breach is reported.
Making it right
The study identified three critical actions for the preservation and promotion of brand trust:
Having the right technologies and security policies in place to keep a security breach from occurring;
- Crisis Containment
In case of a security breach, a company must be prepared to address customers, business partners, shareholders and the press in an honest, upfront manner, and thus "softening the blow" to the brand.
A company must have a plan in place to help the victims of any security breach (consumers, or in the case of B2B data, partners or client companies).
"An organisation's most valuable assets are its reputation and its ability to sustain customer loyalty," explained Alan Scott, chief marketing officer for Factiva. "Security breaches and negative publicity for an organisation can put that trust in jeopardy. Those companies that can effectively manage their reputations have a better chance of attracting new customers and retaining existing ones."
Slow to develop strategies
Although the majority of marketers and other executives polled believe security is an important marketing and business concern, the report revealed that many marketers are slow to develop new brand and customer communications strategies for a security sensitive world. For example, 64% of marketing executives believe security and IT integrity significantly impact corporate and product bands, versus 19% who do not.
Some 76% believe security breaches negatively impact the brands of companies whose securities have been compromised. However, in order for companies to differentiate their brands based on security and trust, those companies need to have a solid security foundation to prevent breaches and loss of customer data.
However, 60% of all marketers report that security has not become a more significant theme in their company's messaging and marketing communications. Only 29% say their company has a crisis containment plan for security break-ins and failures, while another 27% said they didn't know if such a plan exists. In contrast, some 49% of other corporate executives say they are aware of a crisis containment plan, indicating a possible disconnect between marketers and other business units.
Marketers as data guardians
Slightly more than half of all marketers surveyed said they believe their role and influence in addressing security policies will increase in the future.
"As our digital dependency grows, the connection between information security and brand trust becomes much stronger," concluded Donovan Neal-May, executive director of the CMO Council. "Our study shows that, while some companies are aggressively addressing this issue, too many are not and, therefore, run the risk of brand and business value erosion."
Working with Symantec and Factiva, the CMO Council study included the opinions of corporate executives, marketers, and customers, including a survey of more than 2,000 consumers in North America and Europe conducted with Opinion Research Corporation, as well as in-depth discussions with 25 leading marketing executives on the study's advisory board.
The research has been made available for download from the CMO Council's web site (click here). A final, comprehensive report will soon be published, and can be pre-ordered from the web site.