Article first published on the mediaupdate.co.za, written by Paula Sartini, 15 November 2019 | see article here
Brand value can be compromised in a matter of minutes and negatively impact the brand and company, says Paula Sartini, founder and CEO at BrandQuantum. Sartini says that, as such, brand security is an issue that needs constant attention from many departments — including the C-suite — to minimise possible reputational damage.
SECURING YOUR BRAND IS A C-SUITE CHALLENGE
Brand value is a key component to a company's success and it takes several years to establish by implementing a brand strategy that supports the business. However, data hacks are happening more regularly today.
These incidents impact brand reputation and safety and highlight the need for companies to take privacy issues more seriously. The repercussions of not doing so carry serious reputational damage for brands.
According to the IBM 2018 Cost of Data Breach study, if a data breach causes an organisation to lose just 1% of its customers, it will cost the business on average $2.8-million (£2.1-million), and if it loses more than 4% of the customer base the cost is closer to $6-million (£4.7-million). The costs associated with a data breach are made up of lost business, negative impact on reputation and employee time spent on recovery.
As such, companies cannot afford to ignore the reputational risk of a data breach and need to have measures in place to maintain trust with customers.
THE ROLE OF COMPLIANCE AND REGULATION
Customers are often required to provide personal information to companies for a variety of reasons and expect companies to have stringent measures in place to protect this information, as well as mitigate possible risks of data breaches and hacks.
This is supported by findings of a recent study by RSA Security, which identifies that more than 57% of consumers blame companies for data breaches rather than hackers.
Further, the study states that a loss of customer trust is the biggest risk associated with data breaches and hacks. This should be a key concern for every organisation, as once trust is lost, it is near impossible to win it back.
To alleviate some of the risk, countries have introduced regulations such as the local Protection of Privacy (POPI) Act and Europe’s GDPR, to ensure companies operate with transparency, while protecting customer privacy and using data responsibility.
While South Africa is yet to indicate the fines associated with breaches of the POPI Act, the GDPR has announced two tiers of administrative fines for non-compliance: €10-million or 2% of annual global turnover — whichever is higher — and €20-million or 4% of annual global turnover—whichever is higher.
In many instances, this fee is equivalent to the 2-3% marketing budget that organisations assign annually. While this should be a concern for companies, the reputational damage of a breach should be the biggest concern for organisations as it is far greater than the value of a fine.
While government compliance and regulations should be adhered to, companies also need to implement their own compliance and risk standards internally to keep customer data secure from possible hackers and third parties.
For example, marketing departments often use website tools to target customers online and share customer details with third-party companies to create personalised campaigns. Both of these examples expose customer details to third-parties and increase the threat of customer data being hacked.
To combat this, companies need to remove the segregation of duties from a single department and combine the expertise of the marketing, legal and IT departments to build brand trust and mitigate possible brand risks at all times. In doing so, they will be adding additional layers of security to prevent data breaches — both within the company and via potential hackers.
While marketers are generally familiar with the threat of data breaches, in many instances they do not have insight into the particular vulnerabilities associated with marketing data and how to safeguard it. This requires the expertise of both the legal and IT departments to put measures in place to counter the possible risks.
To improve brand security the marketing, IT and legal departments need to work closely together to combine technology, data management, content and customer experience.
In larger organisations, brand security officers have been appointed to focus entirely on protecting the brand reputation of the company. This role is charged with assessing, mitigating and managing marketing risks, while looking at issues such as fraud, viewability and transparency. In essence, this role is responsible for guiding the organisation in terms of data security and customer privacy.
THE ROLE OF TECHNOLOGY IN BRAND SECURITY
While technology is a key challenge for data breaches and fraud, it also has to be part of the solution. Governance, risk and compliance software offers companies a solution to address several of the challenges that they face by automating mundane reporting tasks and providing a single view of the requirements.
However, companies need to also gain visibility into the compliance environment of the future if they are to limit potential risks and threats. Companies cannot rely on a single solution to address potential issues.
They need to safeguard their customer data by implementing solutions that provide internal security standards and equip their customers to prevent possible data hacks and breaches.
Customers are less likely to fall victim of possible phishing scams by using automation software solutions. These solutions help companies deliver consistent brand experiences and provide verification tools.
However, beyond this, the company needs to also have measures in place to prevent, for example, fraudulent emails from being sent from within the organisation, and minimise the possibility of identity theft.
CONSISTENCY AND AUTHENTICITY BUILD TRUST
While marketing departments are faced with the challenge of capturing the imagination of the customer — and ensuring data privacy at the same time — brand consistency and authenticity should be the foundation on which customers establish a relationship of trust.
This is achieved, for example, by using primary fonts that can be harder to replicate, email signatures with built-in verification tools and documents that meet compliance standards — such as correct director details and company addresses.
To achieve this, technology should be implemented to not only automate repetitive tasks, but to ensure that the company is able to establish trust with customers in every interaction.
In addition, technology should be used to provide a layer of added security to the organisation, while providing data and analytics to determine possible risks, mitigate fraudulent activity and gain visibility into how its brand is being used to engage with customers.
Customer trust and a company's reputation is too important to be left to a single department. To be successful in safeguarding customers' details, companies must tackle the challenge from various angles and implement several solutions that make it more challenging for hackers to access their information.
At this time, technology-savvy companies that implement solutions to safeguard their customer data are putting themselves at the forefront against the competition. However, in the future, this will become standard practice to protect their customers and meet their expectations.