Why Marketing and IT Teams Should Share Cybersecurity Responsibilities

Email Authentication and Cybersecurity

The pandemic heightened the need for every department within an organization to pay more attention to cybersecurity. That makes sense, right? The more tech we use in our processes and day-to-day work, the more vulnerable we could be to a breach. But the adoption of better cybersecurity practices should begin with well-versed marketing teams.

Cybersecurity has typically been a concern for Information Technology (IT) leaders, Chief Information Security Officers (CISO) and Chief Technology Officers (CTO) or Chief Information Officer (CIO). The explosive growth of cybercrime has — by necessity — elevated cybersecurity well beyond that of merely an IT concern. At last, C-suite executives and boards no longer see cyber risk as an ‘IT problem’ but as a threat that needs addressing at every level. To fully combat the damage a successful cyberattack can levy requires companies to integrate cybersecurity into their overall risk management strategy.

For full protection, companies must strike a balance between security, privacy and customer experiences. But how can organizations reach this tricky balance? By encouraging their marketing teams to take a more active role.

Why Should Marketers Care About Cybersecurity?

Your brand name is only as good as your reputation.

Richard Branson

It takes 20 years to build a reputation and five minutes to ruin it.

Warren Buffet

So what happens when cyber criminals obtain the information and access they need to successfully impersonate a company, deceiving its customers, stealing data, or worse? A serious problem for the company.

Think about it. Nearly 100% of businesses send monthly marketing emails to their customers. Every marketing dollar spent sees an return on investment (ROI) of about $36. Phishing attacks that damage one’s brand threaten a marketing channel’s success.

Unfortunately, it’s all too easy for scammers and bad actors to pretend to be someone else. Technology preventing this spoofing is mature and available, but adoption lacks because sometimes it’s hard for an IT organization to demonstrate the clear business ROI for security measures across the organization. As the benefits of standards like BIMI and DMARC become more apparent, marketing and IT can paint a compelling joint story. It’s time for a more holistic approach to cybersecurity, one that breaks down silos and increases collaboration between departments.

IT knows DMARC is crucial to protecting organizations from phishing and reputational harm but struggles to gain buy-in for its implementation from leadership. Brand Indicators for Message Identification (BIMI) comes along, generating excitement in the marketing department, which wants it because it improves open rates. The company implements DMARC and BIMI and voilà! IT achieves a visible, concrete win and marketing receives a tangible bump in ROI. Everyone wins.

Teamwork Is Key

Most employees view their IT, marketing and other departments in silos. But as cyberattacks become more sophisticated and complex, this thought process benefits no one. Marketers are also obligated to help protect organization and customer data. Because they’re more closely connected to channels like social media, ads and email, marketers use and share a large amount of information.

Cybercriminals launching social engineering attacks use this to their advantage. They use email to send fake requests or solicitations. When opened, these emails infect marketers’ computers with malware. Many marketing teams also work with diverse external vendors and platforms requiring access to or an exchange of confidential business information.

And when marketing teams are expected to show ROI growth while doing more with less, they’re constantly looking for new, innovative technology that increases productivity and efficiency. But these advancements can create unintended openings for cyberattacks. It’s why marketers and IT professionals must step out of their silos to collaborate and ensure marketing improvements aren’t leaving the company vulnerable to security risks. CMOs and CISOs should audit solutions before their implementation and train marketing personnel to recognize and report potential cybersecurity risks.

IT professionals should empower marketing professionals to become stewards of information security best practices by using:

Another valuable tool to include in marketers’ cybersecurity strategies? DMARC.

DMARC’s Value For Marketing Teams

Domain-based Message Authentication, Reporting and Conformance is the gold standard for authenticating email. Companies adopting DMARC at Enforcement guarantee that only approved entities can send emails on their behalf.

By utilizing DMARC (and the underlying protocols SPF and DKIM) effectively and getting to Enforcement, brands see improved email deliverability.. Without authentication, companies leave themselves open to cybercriminals using their domain to send phishing and spam emails. DMARC at Enforcement prevents hackers from catching a free ride on protected domains.  

Neither SPF or DKIM authenticate the sender against the “From:” field that users see. The policy specified in a DMARC record can ensure that there is “alignment” (i.e. a match) between the visible From: address and either the DKIM key’s domain or the SPF verified sender. This strategy prevents cybercriminals from using bogus domains in the From: field that fool recipients and allow hackers to reroute unwitting users to unrelated domains under their control.

Marketing teams send emails not just to target potential customers. Ultimately, they want those emails opened and acted upon. DMARC authentication makes sure those emails arrive in the intended inboxes. Brands can bolster their resilience even further by adding Brand Indicators for Message Identification (BIMI).

BIMI Turns DMARC Into Tangible Marketing ROI

BIMI is a tool every marketer should use. BIMI lets marketers add their brand’s logo to protected emails, which has been shown to increase open rates by 10% on average.

In short, BIMI is brand benefit for marketers. It is built on strong email authentication technologies — DMARC at enforcement — and collaboration among different stakeholders including the marketing, IT and legal departments..

Marketers have always relied on clever, catchy subject lines to capture recipients’ attention, but with BIMI, emails using a logo become quicker and easier to identify. Even if consumers don’t open the email, they see the logo. Like putting a logo on a t-shirt, a building, or other swag, a logo on an email immediately calls receivers’ attention to the brand — a development never possible before without first opening the message.  BIMI helps marketers gain entry to the inbox much sooner.

Valimail’s DMARC as a Service

DMARC enforcement is the path to BIMI. To walk this path requires  ensuring DNS properly authenticates all sent mail — a time-consuming activity for businesses. Only 15% of companies successfully complete their DMARC projects. There has to be a better way, right? There is!

Valimail Authenticate offers DMARC as a Service, including:

  • Automatic DNS configuration
  • Intelligent sender identification
  • An easy-to-follow task list that helps users achieve rapid, ongoing DMARC enforcement

DMARC Authentication™ takes the risk out of DNS provisioning. Its complete visibility allows companies to see who’s sending email on their behalf. Guided, automated workflows walk users through each task to configure services without the need for deep, technical knowledge or for contracting outside expertise. Finally, contextual analytics help validate automated recommendations — and alerts keep users up-to-date.

Marketing departments can’t live in silos, sheltered away from cybersecurity concerns, any longer. Because they’re more accessible thanks to a larger presence on Twitter, LinkedIn and other social media platforms, hackers see them as easy, exploitable targets. As organizations recognize the value of creating a culture of cybersecurity awareness, they must invite their marketing teams to collaborate at the risk management table with the IT and CISO teams.

Try Valimail

Disclosure: Martech Zone has included affiliate links in this article.