The brand battle CMOs must fight in the face of data breaches and cybersecurity attacks

Fresh cyber attacks and data breaches across Volkswagen, Audi, McDonalds and Electronic Arts highlight the growing cybersecurity and data threat. So what can marketing leaders do about preventing and reacting to these crises?

Transparency, preparedness, a unified communications approach - both proactively and reactively – and perspective are key to brands preparing for as well as navigating their way through a cyber data breach, several industry experts say.  

Over the past week, several global brands have revealed hefty data breaches that have seen cyber hackers stealing millions of customer data records, employee and company information as well as IP source codes. The significance of these breaches has raised thorny questions about how organisations are protecting company and customer data in the age of increasingly sophisticated cybersecurity attacks and growing concerns about privacy in the digital age.  

Last week, McDonalds confirmed cyber hackers had broken through its security and stolen data from systems across the US, South Korea and Taiwan. The breach reportedly disclosed employees and franchisee data, as well as information pertaining to restaurants and physical play area measurement. Notably, it also included customer emails, phone numbers and addresses for delivery customers in South Korea and Taiwan.  

Even less fortunate were Audi and Volkswagen US and Canadian customers. In data breach documents filed with legal authorities, parent company, Volkswagen Group of America, confirmed up to 3.3 million customer data records could have been exposed as a result of a data breach. The company stated it was notified on 20 March 21 that an unauthorised person had hacked into its systems, obtaining customer information for Audi, Volkswagen and some authorised dealers. Data exposed was available on the Internet between August 2019 and May 2021 and potentially included customer contact information as well as more sensitive information such as social security and loan numbers.  

In the same week, hackers also claimed they’d stolen more than 780GB of data from Electronics Arts (EA) including game source code and ‘related internal tools’. The company was quick to confirm no player data was accessed during the network breach, or that it suspected the hackers of breaching player privacy.  

Senior security strategist for security software testing firm Synopsys Software Integrity Group, Jonathan Knudsen, told CMO that as more of the world moves important functionality and data into software and cloud-based systems, criminals will continue to step up efforts to steal money, information or otherwise monetise the value of it. He noted many organisations also underestimate or do not fully understand the risks of acquiring, deploying, configuring and using software. They therefore lack a proactive approach to security, breaches, ransomware attacks and compromises.  

For Check Point Software technologies cybersecurity evangelist, Ashwin Ram, the latest breaches show just how successful attackers are in winning the cyberwar against businesses. He pointed to Check Point Research, which revealed a 168 per cent year-on-year increase in the number of cyberattacks in Asia Pacific between May 2020 and May 2021 alone.  

“These data breaches are just the latest examples of the increasing frequency of cyber-attacks against organisations,” Blackberry CMO, Mark Wilson, agreed. “Every day, we wake up to news that another organisation has suffered a cyberattack or data breach.”  

Wilson also cited an increase in cyberattacks this past year and during the pandemic as cybercriminals exploited new vulnerabilities exposed through the abrupt shift to more distributed workforces.  

“This has exposed organisations to new risks with employees accessing enterprise networks from insecure home networks and devices,” he said. “Now, as we turn a corner with Covid and workers are starting return to the office, organisations will face a whole host of new security concerns with devices that have been unpatched and out-of-date software.”  

Another concern is how quickly these cybercriminals are evolving their approach. One emerging trend Ram highlighted was triple extortion, where cyber criminals go beyond a ransom from the organisation breached and try to extort money from victims within stolen databases.   

While unconvinced the latest breaches are more significant than those in the last month or year, Verizon Enterprise Solutions senior information data scientist, Gabriel Bassett, saw all consumers becoming more sensitive to cybersecurity and their impact on our lives. The Verizon Data Breach Investigations Report (DBIR) 2021 found credential-based breaches like Electronic Arts, errors such as the one at Audi and Volkswagen, and even more complex breaches like McDonalds, are trends going back years.   

“Now, however, the rash of ransomware attacks impacting billing systems and shutting down businesses that have a direct impact on consumers has brought security to the forefront of people's minds,” Bassett said.  

Founder of dedicated cyber crisis communications strike force RedPhone Cyber, Jonathan Englert, told CMO the latest data breaches across McDonalds, EA and Volkswagen illustrate just how widespread the problem of data protection is and how vulnerable brands are.  

That said, our concerns for breaches around yesterday’s personal data, such as our drivers’ licences, are less important than what is probably coming next and in many cases already here: Much more granular personal data and information used in more sophisticated illicit ways,” he said. 

Implications for brands

While there’s a clear task ahead for IT leaders and chief security officers, the big question is why this should this matter to marketing leaders. How do these breaches potentially impact or influence the way customers look at brands gathering and using their data for engagement, communications, personalisation and targeting? Will more cyberattacks make customers more reticent to share their data or interact with brands looking to capture their data in various ways? And what can marketers even do about it?

Industry leaders are agreed: Breaches are damaging for brands and reputation. According to the Ponemon Institute’s 2020 Cost of Data Breach Report, lost business costs accounted for nearly 40 per cent of the average total cost of a data breach, increasing from US$1.42 million in the 2019 study to US$1.52 million in the 2020 study.  

“When customers read headlines about a data breach in an organisation they use, they are naturally concerned about criminal access to their information and they will be reluctant to do business with that brand in the future,” Knudsen said.  

Ram also pointed to other lost business costs such as increased customer turnover, lost revenue due to system downtime and increasing costs of acquiring new business due to diminished reputation. For Wilson, marketers should care because an organisation’s ability to demonstrate and communicate adequate safeguards around data critical helps them earn and retain consumer trust.  

“A company’s failure to secure data and lack of transparency around how data is being used poses a threat to business and brand reputation,” Wilson said. He added IDC figures show 80 per cent of consumers will abandon a business if their personal data has been compromised.  

“It is difficult—if not impossible—to establish trust when there is no transparency between a business and its customers,” Wilson said. “And as new reports of data breaches and cyber-attacks are disclosed, this raises public awareness and further erodes consumer trust that organisations can properly protect their data and privacy.”  

A recent survey by Cisco Wilson pointed to also found 60 per cent of respondents are concerned about how their data is being protected as they work, learn and even visit the doctor remotely, using video streaming and cloud applications. Nearly one-third (31 per cent) expressed concern their data will be used for unrelated purposes, and one in four fear data will be shared too broadly with third-party companies. The top reason for such concern is lack of insight into what companies are doing with this data.  

Up next: The role of CMOs in preventing and copy with data breaches and cybersecurity attacks

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments

Latest Videos

Launch marketing council Episode 5: Retailer and supplier

In our fifth and final episode, we delve into the relationship between retailer and supplier and how it drives and influences launch marketing strategies and success. To do that, we’re joined by Campbell Davies, group general manager of Associated Retailers Limited, and Kristin Viccars, marketing director A/NZ, Apex Tool Group. Also featured are Five by Five Global managing director, Matt Lawton, and CMO’s Nadia Cameron.

More Videos

Hi,When online retailers establish their multi channel strategy and they are using or will to use live chatbot to support their customers...

Alice Labs Pte. Ltd.

CMO's top 8 martech stories for the week - 6 May 2021

Read more

Thanks for nice information regarding Account-based Marketing. PRO IT MELBOURNE is best SEO Agency in Melbourne have a team of profession...

PRO IT MELBOURNE

Cultivating engaging content in Account-based Marketing (ABM)

Read more

The best part: optimizing your site for SEO enables you to generate high traffic, and hence free B2B lead generation. This is done throug...

Sergiu Alexei

The top 6 content challenges facing B2B firms

Read more

Nowadays, when everything is being done online, it is good to know that someone is trying to make an improvement. As a company, you are o...

Marcus

10 lessons Telstra has learnt through its T22 transformation

Read more

Check out tiny twig for comfy and soft organic baby clothes.

Morgan mendoza

Binge and The Iconic launch Inactivewear clothing line

Read more

Blog Posts

Getting privacy right in a first-party data world

With continued advances in marketing technology, data privacy continues to play catchup in terms of regulation, safety and use. The laws that do exist are open to interpretation and potential misuse and that has led to consumer mistrust and increasing calls for a stronger regulatory framework to protect personal information.

Furqan Wasif

Head of biddable media, Tug

​Beyond greenwashing: Why brands need to get their house in order first

Environmental, Social and (Corporate) Governance is a hot topic for brands right now. But before you start thinking about doing good, Craig Flanders says you best sort out the basics.

Craig Flanders

CEO, Spinach

​The value of collaboration: how to keep it together

Through the ages, from the fields to the factories to the office towers and now to our kitchen tables, collaboration has played a pivotal role in how we live and work. Together. We find partners, live as families, socialise in groups and work as teams. Ultimately, we rely on these collaborative structures to survive and thrive.

Rich Curtis

CEO, FutureBrand A/NZ

Sign in