Why You Need to Invest in Marketing Security in 2020

December 23, 2019 - Ensighten

How investing in marketing security (MarSec) can prevent a potentially catastrophic data breach

As a marketer, your website is one of your most powerful tools. A treasure-trove of valuable customer data, you can glean a wealth of information from the time visitors spend on your site, including their purchasing history, browsing behavior and personal preferences.

For this reason, marketing security (MarSec™) is no longer a nice-to-have, but a necessary investment in your business.

 

Why marketing security is important

As a digital marketer you face several challenges. Against the current backdrop of data privacy regulation and a heightened awareness of cyberattacks, you still need to collect and interpret data from website visitors, provide the best experience possible to customers while ensuring that their sensitive information remains secure.

Third-party scripts for advertising, analytics and A/B testing play an important role in these efforts, helping you better understand your customers and enabling you to develop successful marketing campaigns. Third parties can also improve the customers’ shopping experiences with faster checkouts, website accessibility and customer support options.

20 years ago, it was found that 90 percent of the code on company websites was owned and operated in-house. Today nearly 90 percent of website code comes from third-, fourth- or even fifth-party vendors and suppliers.

However, where there is reward there is risk – with third-party software often containing vulnerabilities that can be exploited by hackers or malicious programs.

In the US, 61 percent of companies says they have experienced a data breach caused by one of their vendors or third parties. Ensighten’s own research shows that nearly 80 percent of executives recognize that integrating third-party technologies into a website increases the risk of data leakage, but 57 percent admit that their organization currently cannot identify leakage of sensitive data from the browser, and 47 percent say they cannot prevent such leaks.

  • Of 100 US and UK firms, nearly 80 percent of respondents use commercial software
  • However, fewer than one in five public companies have performed a formal verification on a third-party application
  • 90 percent of third-party code does not comply with enterprise security standards

[Veracode research]

 

Websites: The growing threat to data security

The web is the primary source for data breaches, accounting for 79 percent of compromised records in the first half of 2019.

Elsewhere in 2019 digital skimming or formjacking payment cards made up 71 percent of web breaches. This type of attack was up seven percent on 2018, largely due to attacks by notorious cybercrime group Magecart targeting ecommerce sites.

But the problem of data leakage isn’t the only one facing marketers. Rising to prominence in 2019, ad injection sees unwanted software injected into your website visitors’ browsers without their permission. It allows customers to be targeted by unauthorized ads which bombard them with product ads, pop-ups, banners and in-text redirects, at best disrupting their experience and at worst, driving them to competitor websites and costing you sales.

 

Fallout of a data breach

Under the growing threat of attack, investing in marketing security may be a lifesaver – literally – for your organization.

The average cost of a data breach in 2019 was $3.92 million, with malicious and criminal attacks accounting for more than half of data breaches. Moreover, the time it takes organizations to identify and contain a breach in these cases has risen to 314 days on average – and the longer a breach’s life cycle is, the greater the total cost.

The consequences of a data breach can be devastating. Even if a third-party vulnerability is responsible for the breach, the customer will remember the brand rather than the root cause. Indeed, one 2019 survey shows that 78 percent of respondents would stop engaging with a brand online and more than one third (36 percent) would stop engaging altogether if the brand had experienced a breach. Nearly half (49 percent) would not sign up and use an online service or application that recently experienced a data breach.

 

What is marketing security?

Put simply, marketing security (MarSec™) is the real-time control and management of customers’ data on a website to prevent leakage of personally identifiable information (PII) – therefore essential for today’s IT security compliance.

Ensighten research shows that around two-thirds of executives said their organization is looking to ensure the security of third-party technologies and JavaScript on their sites via regularly scheduled audits or through workflow adjustments. This is a step in the right direction, but audits alone will not prevent data breaches or leakage, instead only seek to identify data incidents after they have occurred.

As the ecosystem of third parties becomes ever-more complicated, you need a solution that can monitor and securely manage all third-party integrations on your website.

Get in contact to learn about our MarSec™ platform which provides real-time website monitoring to check for unapproved technologies that might have access to your customer data. It will also prevent data being exposed within the URL and sensitive data from being passed to unauthorized third-party technologies. You can also white- and blacklist third-party vendors, block unknown and unwanted website trackers, technologies and tags to prevent them from firing on site and collecting data.

71 percent of retailers increased their overall digital marketing budgets in 2019, with 22.1 percent boosting their spending by more than 20 percent. In a landscape of increasing cyber threats and stringent regulatory control, it is essential they put marketing security front and centre of their planning.