When the Target data breach occurred in 2013, the response was surprising as it took too much time to manage the consumer fallout. Watching communications unfold over time, I assumed that lawyers must have managed the response, because marketers would have handled it differently–focusing effort on mitigating consumer trust damage, brand damage, and negative financial consequences.

And so I’ve been interested in this topic—marketing’s role in data breaches—for some time. I came across an exceptionally knowledgeable individual on the topic, Holly Rollo, the CMO of RSA, the Security Division of EMC. RSA solutions enable customers worldwide to deliver business-driven security strategies. After listening to her, I decided to create a multi-part series on why CEOs and marketers need to wake up to the cyber security storm that is approaching. The following is the first post on the topic–focusing on the basics of cyber security as described by someone in marketing.

Whitler: What does a data breach mean? We use this term a lot, but how would you define it?

Rollo: Put simply, a data breach is a disclosure of information to an unauthorized party. Oftentimes, people use terms like breach, compromise, or intrusion interchangeably. However, precision is critical, as there are consequential differences between these terms and the risk each presents to an organization.

We think about three types of security incidents:

  • Intrusion: Unauthorized access to networks or systems
  • Compromise: An attacker is able to manipulate systems/applications and circumvent security measures or controls. It is important to note that a compromise can be as or more damaging as a loss event
  • Breach: A loss event where information has been exfiltrated (taken out of) from a system or application.
  • Whitler: Why do these differences matter?

    Rollo: It has to do with characterizing the scope. We sometimes use a simple analogy of robbing a bank. In this case, the goal of a bank robber is not to enter the front door of the bank, but to leave with the money in the vault. They frankly don’t care how they get into the bank—their goal is simply to get the money and get out. The same sentiment applies in cyber. They don’t care how they get access, but depending on their “goal,” they will do different things that companies need to spot and stop. In another case, maybe someone wanted to manipulate information, not take it out.

    Whitler: How can data be breached?

    Holly Rollo, CMO of RSA, the Security Division of EMC

    Rollo: A breach can be intentional or unintentional. It can be a result of deliberate action by an insider or an outside hacker, but it can also be the unintended result of something an employee does, a system failure, or a third –party application error. It is important for organizations to think through all of these dimensions. A hacker may compromise someone’s password, send spear-phishing emails, or steal a laptop. An employee may misuse access intentionally, or mistakenly send information to the wrong location (e.g. a healthcare company sending patient records to the wrong address). At the end of the day the result is the same –information is put into the wrong hands. Also, damage doesn’t necessarily mean data is taken; it could just be that it is manipulated nefariously.

    Whitler: Why do people hack systems and go after data?

    Rollo: It depends on the goal. Information is one of the most valuable assets of an organization – whether intellectual property, personal data, or sensitive business information, most organizations have something that is valuable to someone else. Hence, every organization is a potential target. But, attackers aren’t always looking to steal information. Remember, the intrusion is a means to an end, not the end itself. In the past, many hacks focused on taking financial or personal information, but objectives continue to expand. There is a surge in ransomware, hackers blocking access to your data until you pay them to unlock it. And now there is hactivism, where a cyber attack is a means to draw attention to a cause or grievance. The DNC hack is an example of an attempt to potentially disrupt or manipulate the election—by publically exposing secret emails to discredit the DNC and the Democratic nominee. Also consider the Snowden breach in 2013 where the goal was to expose surveillance activity by the US Government. These examples illustrate how various actors can have much more far-reaching impact than simple fraud. The implications of this are enormous.

    Join the Discussion: @KimWhitler @HollyRollo