The role of the CMO in cybersecurity

Claire Pales and Anna Leibel

  • Authors, The Secure Board
Claire and Anna are the joint authors of The Secure Board, recently released to help CMOs and board directors to gain the confidence that their organisation is cyber safe.The Secure Board is a consulting company committed to advising executives and boards, and helping businesses to establish exceptional information security practices Claire is a best-selling author, a podcast host and director of The Secure Board. She has 17 years of experience in the security industry, leading award-winning cyber strategies throughout Australia and Asia. As well as being a director at The Secure Board, Anna is a non-executive director and senior executive across the financial services, management consulting, telecommunications and technology industries. With three decades experience in leading customer, business and digital change, she is a sought after advisor to boards, chief executives and IT leaders on transformation, data, cyber, leadership and culture.

CMOs have an important role to play in mitigating risk and responding to cybersecurity.  

Most organisations view cybersecurity through a technical lens. Cyberattacks can lead to loss of data, corruption of information, unauthorised access to important plans and records or a loss of access to key systems. But for CMOs, the effects of an attack on reputation, trust and customer confidence is the key focus. 

Reputation is bought by building trust with customers, suppliers and the broader marketplace. And it can be lost in the blink of an eye when a security incident is poorly managed.   

Most people are inherently trusting. We believe in referrals from friends and accept a handshake as a bond of trust. But that trust is what cybercriminals exploit in many of their attacks. They steal trusted user accounts and passwords. They infiltrate the email accounts of trusted people. They fake the identities of trusted parties to dupe people into sending money to criminals.  

When an organisation is breached and sensitive data is exposed, corrupted or destroyed, it can damage that brand and organisation's reputation. In 2020, the average cost of a data breach globally was $3.86 million, with almost half of that resulting from reputational damage and system downtime.  

When your systems are offline, your customers, suppliers and other stakeholders can’t reach you. That’s when they leave you for competitors and lose faith in your service.   

Australian responses from a global study in 2019 found 43 per cent of customers would hesitate to do business with a company that experienced a cyber incident. The same percentage also said they would never return to a company that suffered a cyberattack.  

This is why marketers need to understand cybersecurity in 2021 and beyond is a critical issue for protecting and maintaining their brand and organisation’s reputation. Reputational damage is much harder to repair than lost or corrupted data, or a system outage.  

Weighing up your risk appetite  

CMOs, boards and senior leaders must consider the consequences of reputational damage as a result of a cybersecurity incident. Every brand will have a different risk appetite. That needs to be deeply understood, thoroughly debated and agreed with plans put in place to mitigate the reputational impact of a cyberattack.  

There has been, understandably, a strong focus on the technical response to cybersecurity incidents. But the impact of major data loss, interruption of access to systems or the cost of ransomware can have a significant impact on reputation and customer confidence in transacting with you.  

CMOs also need to contribute to the organisation’s public approach in the event of a cyber incident to manage the brand perception. How you communicate with customers, and respond publicly in the event of an incident, is imperative in retaining customer trust and loyalty. There should be enterprise-wide exercises that test out the brand’s preparedness to respond to a cyber incident.   

Prompt management  

Accountability and stakeholder engagement are often missed during the stress and chaos of a cyber incident. CMOs, along with the CEO and the board, should ensure they receive reputational risk reports as part of their cybersecurity and chief risk officer updates. No matter who brings this topic to table, protection and consideration for customer trust during a security incident is a critical role for the CMO and CEO.  

Most organisations that are transparent, honest and forthcoming with information during a cyber incident bounce back and retain the trust of their customers and the respect of their peers and regulators.   

Take the Australian Red Cross Blood Service, which was breached in 2017 when a file containing information relating to approximately 550,000 prospective blood donors was publicly exposed through human error by a third-party supplier. The organisation notified affected individuals and the Office of the Australian Information Commissioner promptly.  

The Commissioner praised the blood bank in a public statement, stating: “Australians can be assured by how the Red Cross Blood Service responded to this event. They have been honest with the public, upfront with my office, and have taken full responsibility at every step of this process”.  

In contrast, when Canva suffered a cyber incident in 2019, its original communication was labelled as ‘marketing fluff’, because the online graphics giant sent customers an email that led with new t-shirt printing capabilities before mentioning the ‘data breach’, almost as an afterthought. Marketing departments that understate the seriousness of a cyber incident can do further damage to their brand.   

CMOs are experts in recognising when a company is facing a potential impact to their brand reputation and finding ways to communicate clearly with customers, suppliers, staff, regulators and other stakeholders to ensure challenging situations are not made worse through poor preparation and communication. CMOs and marketing directors must be prepared to be at the frontline of an organisation's response to a cyber incident. 


Tags: cybersecurity strategy, CMO role, marketing leadership

Show Comments

Featured Whitepapers

State of the CMO 2020

CMO’s State of the CMO is an annual industry research initiative aimed at understanding how ...

More whitepapers

Latest Videos

Launch Marketing Council Episode 3: Launching in the technology sector

Our multi-part video series, Ready to Launch, is focused on unlocking the secrets of launching brands, products and services by exploring real-life examples from Australia’s marketing elite. The series is being produced as part of the Launch Marketing Council initiative by CMO in conjunction with independent agency, Five by Five Global.

More Videos

NetSuite started out as a cloud-based provider of Enterprise Resource Planning software or as NetSuite solution provider, which companies...


NetSuite to acquire Bronto's digital marketing platform for US$200m

Read more

Thanks for sharing this post, its really good information I get through this blog.CDPO Online Exam Training


3 ways is improving its B2B marketing game

Read more

Time is of the essence, especially for customer service teams. With chatbots, you can interact and assist customers at a larger scale, al...


Triple-digit customer database growth, personalised engagement become reality for Stone & Wood

Read more

Hey Emilie - great read, and I particularly liked the section on the pressure of having brand purpose/Gen Z spending habits. It's great t...

Chris Thomas

Have customers really changed? - Marketing edge - CMO Australia

Read more

Extremely informative. One should definitely go through the blog in order to know different aspects of the Retail Business and retail Tec...

Sheetal Kamble

SAP retail chief: Why more retailers need to harness data differently

Read more

Blog Posts

How the CMO can get the board on the customer’s side

For some CMOs, it’s easy to feel alone in the undying quest to better serve the customer. At times, it feels like the marketing department and the boards are speaking a different language, with one side trying to serve the customer, and the other side more focused on the shareholders and financials.

Jeff Cooper

CMO and board, Business Excellence Australia

The Secret Ingredients of a CX-Led Company Culture

When I talk to organisations around the world about their customer experience strategy, it is often the CMOs and their marketing teams who take the lead. They’re keen to improve the ways they attract and engage customers, and they want to understand the technologies that can help them make their customer experience truly outstanding.

Steven van Belleghem

Author, CX expert

The Future Of Social Is Joyful, Pass It On

2019 was a horror year for social media. But in 2020 something different emerged that has shifted the tone, format and intent of the medium. A new social vibe born out of the pandemic and fuelled by the emergence of a platform tailor made for the next generation of consumers.

Dan Young

Managing director, Pulse

Sign in