• March 2, 2017

Open Dialogue: A CMO’s Role in the Security Conversation

Honesty is still the best policy during a data breach.

The recent revelation about the depth of the 2012 Dropbox security breach and communication thereafter provides yet another reason to keep the safety of enterprise information front and center. While enterprises are presumably worried that customers and sales will shy away after security breaches, they often muddy the message to soften the blow. The irony in this approach is experience and research show that most consumers actually increase trust after receiving a privacy notification regarding a data breach. One fact is clear: Marketing needs to be part of the security conversation earlier than when the alarm sounds.

According to the Deloitte Australian Privacy Index 2016, 94 percent of consumers believe trust is more important than convenience, and most consumers don’t lose trust in an organization following a security leak. In fact, the same study states that 34 percent of respondents said they had more trust after receiving a breach notification, most likely because the notice confirmed that security monitoring and a proactive communication plan was in place.

So what can the enterprise learn about disclosing data leaks? More so, what’s the best way to handle a security crisis with transparency, and what role should the CMO play in a security breach?

Because communication regarding how personal information is collected, used, and shared is critical when it comes to building trust, the first thing a CMO can do to protect data privacy is have a plan in place. Here’s a three-step guide to proactively handling data security and the measures to take if there is a breach.


Just like with any other plan, it is important to take inventory before crafting a response. Enterprise marketers need to assess their current proprietary data as well as CRM information to fully understand what information they manage. This inventory should be comprehensive and include information regarding where the data is stored and who has access to it.


To detect a security breach early, a proactive plan that is cross-departmental is critical. This means it is more important than ever for the CMO to form a collaborative relationship with the CIO to truly understand how and what to look for in user behavior to spot security breaches before they manifest. While a preventive plan for a data leak is critical, a response plan to provide education and training for employees is equally important.


To be best equipped if the alarm rings, CMOs need to run the necessary drills ahead of time. This requires testing the plan from the first sign of unusual behavior all the way through to customer notification. CMOs should drive their teams by giving ownership of specific steps in the process to accountable marketers.

Today, dealing with a data breach is about more than just reacting: It’s being proactive in the planning, providing transparency in addressing the security issues, and clearly communicating to the end consumer.

Like this story? Learn more about the future of cybersecurity.