Data Breaches Are the New Enemy
The boss leaned forward, watching the red warning banner flash across his screen. It was a breach. Dammit! On days like today, his assistant would be in his office in less than five seconds. Four, three, two—
“There’s been a breach!” Right on cue, the door swung open and Alex barged in, lanyard swinging, knuckles white from gripping their tablet. The kid had sitcom-level timing. Except today wasn’t funny. Alex’s eyes were calm, but their eyebrows twitched.
The boss nodded. “How many so far?” He stood up and followed Alex down the hall. They both knew where they were going: the special boardroom. The senior leadership was already on their way. It was protocol.
Alex’s eyebrow twitched again. “Two, three hundred thousand?”
The boss stopped and locked eyes with Alex. The fluorescent lights glared down on them, buzzing faintly.
“Alex,” the boss said quietly. “I need real numbers. Senior leadership is going to lead with this. I have to tell them how bad it is.”
Alex’s silver eyes flicked down at the tablet and their hand paled. “Five hundred thousand users. Conservative estimate. Realistically, probably seven-hundred and fifty.”
There were five pregnant seconds of silence. “Any idea where this started?”
“Hunting down all possible leads. We have a cluster of IP addresses in the Philippines, but that could be coming from—”
“Chinese coast guard vessels.” The boss took off his glasses and rubbed his eyes. He’d been waiting for this day for a few years. And it had come.
Alex looked confused. “What would the Chinese coast guard want to do with us?”
The boss squared his shoulders. “Doesn’t matter. What I need you to do is go to your desk, shut down your computer, turn off your phone and tablet, and take out the SIM cards. That means this too,” he said, touching Alex’s tablet. “Then I want you to go to my desk and move all the files just like we talked about.”
Alex looked like they were about to faint.
“Before you to that, though, make sure the team knows to huddle in my office at 8AM tomorrow. Nothing in an email. On paper. Understood?”
Alex nodded, and ran to do as they were told, rubber soles squeaking against the tile floor in understated panic.
Did I just write a bit of military fiction or was that a private-sector scenario? More important question: does it matter? Companies like Equifax and Capital One are not only feeling external pressure from government agencies, but they are hemorrhaging money, credibility, and raising anxiety. It feels discouraging and demoralizing to know that Equifax values my data at a mere $125. It’s time for marketers to not only think about the importance of security, not just personalization and privacy.
“But all my data is in the cloud!” you exclaim. “I regularly change my passwords and I automatically log out after five minutes!”
Perhaps, but clouds are hackable, which is why Amazon and Microsoft are currently dueling for the coveted JEDI contract with the Department of Defense, which will likely be announced later this year. JEDI is a “war cloud” implying that commanders can instantaneously access and share classified information that bypasses traditional servers. The general idea is that information moves from command centers to the battlefield faster, without the stress of worrying about enemy penetration.
Amazon certainly isn’t alone in its ability to sell technology solutions to the military, in addition to its commercial business, but the added wrinkle of such a large defense contract could portend changes to the private sector. There’s not reason that a large or even medium size brand that has millions of data points that are segmented and targeted with specific campaigns wouldn’t be attractive to competitors. Or, if no one can break into the cloud and extract data, maybe they can spoil it. Inserting a virus that ruins campaigns could significantly impact anticipated revenue.
All technological advancement carries inherent risk, and senior marketers need to come armed with questions about how to maintain privacy and security in their CDP, DMP, or in instances of CX clouds, like in Oracle or Salesforce.
- Who in your company is responsible for data security?
- Has the company leadership prepared for a data breach or a similar event?
- How would a marketer respond to a data problem?
- What steps can we take today to prevent a data breach?
None of these questions are easy to ask, and may not even have answers. But by pushing past the initial discomfort and imagining a worst-case scenario, marketers can begin to prepare for the oncoming challenges that securing data will likely pose.