It is hard to quantify exactly the effect a breach will have on a brand. But, according to The Impact of Data Breaches on Reputation and Share Value by the Ponemon Institute, 71 percent of chief marketing officers (CMOs) said they believe the biggest cost of a security incident is brand value.
Unfortunately, IT practitioners do not necessarily think that brand protection is among their duties. Two-thirds percent of IT respondents to the Ponemon Institute’s survey said they didn’t see protecting their company’s brand as their responsibility. However, 50 percent do believe a material cybersecurity incident or data breach would diminish the brand value of their company.
Such breaches, however, are an unexpected financial burden. In the aftermath of a breach, companies find themselves spending heavily in a bid to regain brand loyalty, enticing back old customers who may have left as a result and attempting to acquire new ones.
IT and marketers need to join forces
With threats escalating daily, it is imperative that IT, chief information security officers (CISOs) and CMOs work more closely together to ensure sensitive marketing data, brand image and IP are protected.
Companies engage with customers across the Internet, social media and mobile apps. This omnichannel presence is invaluable for increasing customer engagement, but it also exposes your brand to increased risk.
The problem is there are very differing levels of security maturity when it comes to awareness in protecting brand image. Financial institutions, for example, are real pathfinders. At Orange Cyberdefense, we have been working with financial organizations for several years, developing threat intelligence to reduce their brands’ exposure to risk.
In other sectors, such as manufacturing, companies haven’t allocated budgets for monitoring and surveillance outside their IT perimeter to preserve brand reputation and customer trust. Why? Because they don’t see it as necessary. Instead they focus on internal security.
When a brand attack happens on one of these companies, however, we always notice a rapid shift in thinking, and the budget is suddenly there for brand protection. It takes a while to develop a trustworthy brand and, in my experience, companies are slowly realizing that it can be destroyed overnight, thanks to fraudulent digital activities.
There are many ways cybercriminals can use your brand for malicious purposes. They can push phishing attacks, creating rogue websites and apps to dupe your customers or set up fake groups and profiles on social media. At the same time, they can be discussing potential attacks on your brand or selling your stolen marketing database on the deep, dark web, for example.
At Orange Cyberdefense, we offer different surveillance services to meet multiple requirements. These include IP reputation intelligence, rogue website and app monitoring and remediation when an issue is detected, domain name and phishing monitoring and takedown, dark web monitoring and data leak monitoring.
The first steps to brand surveillance
It is paramount from the outset to protect your brand and IP in cyberspace. Despite today’s heavy emphasis on cybersecurity in the boardroom, companies often overlook protecting their brand. This disregards the sometimes irreparable brand damage a malicious attack can make.
Initially, we suggest making an assessment or proof of concept of our cybersurveillance monitoring services to see exactly how exposed you are to brand risk and how to deal with it. The next step is to define the type of monitoring that is required. We make a triage and only target the relevant areas of exposure. Phishing monitoring, for example, is a target for financial institutions and online retailers, but it may not be for a manufacturing company, for example.
Once deployed, Orange Cyberdefense customers are sent an alert via their in-house portal, email, SMS or, soon, a web app. These alerts profile the threat and are directed to security analysts and IT departments in addition to fraud management departments or CMOs, for example. This means that all interested parties can be kept in the loop about a potential brand threat.
Proactive brand protection
Your digital brand is one of your most valuable assets. It is critical that you have visibility of how it is being exposed and used in cyberspace.
By bringing proactive digital brand surveillance into your cybersecurity strategy, you can constantly monitor and seek out potential threats to your brand and mitigate, or stop them, before any damage is done.
For more information about threat management, download our advice sheet.
Sylvain Conty is Head of Presales for Managed CyberSecurity Services at Orange Cyberdefense. He has been working in the cybersecurity ecosystem for 20 years and is responsible for building better security services for our customers by using our pentests, Vulnerabilities Operation Center, CERT, CyberSOC, anti-DDoS and CSIRT capabilities.