The role of the CMO in cybersecurity

Claire Pales and Anna Leibel

  • Authors, The Secure Board
Claire and Anna are the joint authors of The Secure Board, recently released to help CMOs and board directors to gain the confidence that their organisation is cyber safe.The Secure Board is a consulting company committed to advising executives and boards, and helping businesses to establish exceptional information security practices Claire is a best-selling author, a podcast host and director of The Secure Board. She has 17 years of experience in the security industry, leading award-winning cyber strategies throughout Australia and Asia. As well as being a director at The Secure Board, Anna is a non-executive director and senior executive across the financial services, management consulting, telecommunications and technology industries. With three decades experience in leading customer, business and digital change, she is a sought after advisor to boards, chief executives and IT leaders on transformation, data, cyber, leadership and culture.

CMOs have an important role to play in mitigating risk and responding to cybersecurity.  

Most organisations view cybersecurity through a technical lens. Cyberattacks can lead to loss of data, corruption of information, unauthorised access to important plans and records or a loss of access to key systems. But for CMOs, the effects of an attack on reputation, trust and customer confidence is the key focus. 

Reputation is bought by building trust with customers, suppliers and the broader marketplace. And it can be lost in the blink of an eye when a security incident is poorly managed.   

Most people are inherently trusting. We believe in referrals from friends and accept a handshake as a bond of trust. But that trust is what cybercriminals exploit in many of their attacks. They steal trusted user accounts and passwords. They infiltrate the email accounts of trusted people. They fake the identities of trusted parties to dupe people into sending money to criminals.  

When an organisation is breached and sensitive data is exposed, corrupted or destroyed, it can damage that brand and organisation's reputation. In 2020, the average cost of a data breach globally was $3.86 million, with almost half of that resulting from reputational damage and system downtime.  

When your systems are offline, your customers, suppliers and other stakeholders can’t reach you. That’s when they leave you for competitors and lose faith in your service.   

Australian responses from a global study in 2019 found 43 per cent of customers would hesitate to do business with a company that experienced a cyber incident. The same percentage also said they would never return to a company that suffered a cyberattack.  

This is why marketers need to understand cybersecurity in 2021 and beyond is a critical issue for protecting and maintaining their brand and organisation’s reputation. Reputational damage is much harder to repair than lost or corrupted data, or a system outage.  

Weighing up your risk appetite  

CMOs, boards and senior leaders must consider the consequences of reputational damage as a result of a cybersecurity incident. Every brand will have a different risk appetite. That needs to be deeply understood, thoroughly debated and agreed with plans put in place to mitigate the reputational impact of a cyberattack.  

There has been, understandably, a strong focus on the technical response to cybersecurity incidents. But the impact of major data loss, interruption of access to systems or the cost of ransomware can have a significant impact on reputation and customer confidence in transacting with you.  

CMOs also need to contribute to the organisation’s public approach in the event of a cyber incident to manage the brand perception. How you communicate with customers, and respond publicly in the event of an incident, is imperative in retaining customer trust and loyalty. There should be enterprise-wide exercises that test out the brand’s preparedness to respond to a cyber incident.   

Prompt management  

Accountability and stakeholder engagement are often missed during the stress and chaos of a cyber incident. CMOs, along with the CEO and the board, should ensure they receive reputational risk reports as part of their cybersecurity and chief risk officer updates. No matter who brings this topic to table, protection and consideration for customer trust during a security incident is a critical role for the CMO and CEO.  

Most organisations that are transparent, honest and forthcoming with information during a cyber incident bounce back and retain the trust of their customers and the respect of their peers and regulators.   

Take the Australian Red Cross Blood Service, which was breached in 2017 when a file containing information relating to approximately 550,000 prospective blood donors was publicly exposed through human error by a third-party supplier. The organisation notified affected individuals and the Office of the Australian Information Commissioner promptly.  

The Commissioner praised the blood bank in a public statement, stating: “Australians can be assured by how the Red Cross Blood Service responded to this event. They have been honest with the public, upfront with my office, and have taken full responsibility at every step of this process”.  

In contrast, when Canva suffered a cyber incident in 2019, its original communication was labelled as ‘marketing fluff’, because the online graphics giant sent customers an email that led with new t-shirt printing capabilities before mentioning the ‘data breach’, almost as an afterthought. Marketing departments that understate the seriousness of a cyber incident can do further damage to their brand.   

CMOs are experts in recognising when a company is facing a potential impact to their brand reputation and finding ways to communicate clearly with customers, suppliers, staff, regulators and other stakeholders to ensure challenging situations are not made worse through poor preparation and communication. CMOs and marketing directors must be prepared to be at the frontline of an organisation's response to a cyber incident. 


Tags: cybersecurity strategy, CMO role, marketing leadership

Show Comments

Featured Whitepapers

State of the CMO 2021

CMO’s State of the CMO is an annual industry research initiative aimed at gauging how ...

More whitepapers

Latest Videos

Launch marketing council Episode 5: Retailer and supplier

In our fifth and final episode, we delve into the relationship between retailer and supplier and how it drives and influences launch marketing strategies and success. To do that, we’re joined by Campbell Davies, group general manager of Associated Retailers Limited, and Kristin Viccars, marketing director A/NZ, Apex Tool Group. Also featured are Five by Five Global managing director, Matt Lawton, and CMO’s Nadia Cameron.

More Videos

Great read. I agree that it should be a perfect balance between interacting with your customers and knowing your brand. As a business, yo...

Caroline Scott

7 ways CMOs can improve their customer engagement game

Read more

Very true. Team development helps improve collaboration among the team members. I was able to improve my team's collaboration skills by t...

Quent Sinder

Why empowering others can help make you a great leader

Read more

CRM is a very good software that can help you succeed in your business. In my company, this system has allowed me to improve customer rel...

Anna Janicka

Sensis rebrands to Thryv and brings business software to Australian SMBs

Read more

AI Leasing Assistants have finally arrived for the multifamily industry. With so many to choose from it can be hard to figure out which i...

Alice Labs Pte. Ltd.

CMO's top 8 martech stories for the week - 6 May 2021

Read more

Nowadays, when everything is being done online, it is good to know that someone is trying to make an improvement. As a company, you are o...


10 lessons Telstra has learnt through its T22 transformation

Read more

Blog Posts

Why if marketing is all you do, you’ll never be very good at it

OK, so you’re probably thinking: “Here comes another article to badger me about living in my bubble.” And also, “I bet this bubble-bashing piece will go on to explain how I can achieve better results through some heady dose of new life experiences, new routines and annoyingly different opinions on social media.”

Dane Smith and Toby Harrison

Ogilvy Australia

A leader’s role in rebuilding a culture of confidence

Every day, there are new predictions and studies on the future of work, the state of the economy and the unfolding global pandemic. All of which creates uncertainty and heightens the imperative of effective leadership.

Michelle Gibbings

Workplace expert, author

Confused About Your Customers?​

​I've worked in brand and marketing for more than 20 years. But there’s one area where I’ve found myself going around in circles and I must admit I'm becoming increasingly confused.

Rich Curtis

CEO, FutureBrand A/NZ

Sign in