Protecting Your Brand from Cyber Attacks: A Podcast With the EIU

In this second of a 3-part podcast series, explore the security issues of brand reputation and customer data. Listen to the first podcast here.

A company builds its brand for 10, 20, 30 years or more—expanding its integrity with partners, suppliers, and customers. Then, in a flash, its reputation is destroyed overnight.

That’s the nightmare possibility facing many C-suite and security executives. A 2016 study from The Economist Intelligence Unit (EIU), and sponsored by VMware, asked more than 300 C-suite executives, “What’s your worst case scenario for a cyber attack?” The leading answer, overwhelmingly, was an attack that damages the reputation and brand of the company.

The type and character of today’s cyber attacks is changing. Cyber criminals have moved from isolated attacks to probing the entire shell of an organization for a way in. Today’s attackers are better funded and increasing in number and sophistication. So what should data security teams do to protect their brand’s reputation? That’s the question posed to West Coghlan, senior editor for technology at the EIU.

“What’s really scary about cyber attacks on the impact of brand,” says Coghlan, “is they pass through the company and go right to the customer. … [who] can have their identity stolen, their bank account looted, and they can blame it on you.”

Customer data, in particular, is an attractive target for attackers because there is a robust aftermarket to sell what they steal. “In the worst case scenario, the attack happened some time ago, and you’re just finding out now,” says Coghlan. The attackers have “stayed in your company doing what they’re doing, and you’re suffering harm for a period of time.”

Protecting the reputation of the enterprise from attack is a top priority for security executives, C-suite executives, and boards of directors alike. Forward-looking companies increasingly view protecting their brand as a complex problem requiring a comprehensive solution and broad cooperation across the enterprise.

“You can’t defend everything. Cyber security needs to be built around priorities,” says Coghlan. He advises aligning priorities with budget, resources, and support from the C-suite and Board, mobilizing the workforce to be vigilant, and extending the company firewall around customers and suppliers.

As VMware CEO Pat Gelsinger explained in his RSA 2016 keynote, VMware® NSX™ network virtualization offers organizations the alignment and ubiquity needed for a true security architecture that can address all of these priorities. The micro-segmentation made possible by these NSX capabilities transforms security by creating the strategic defense needed to protect an organization’s most valuable data.

Customer data has become both a high-priority target for cyber criminals and a potential enterprise vulnerability where the greatest harm to a firm can take place. Listen as Coghlan explains how companies are prioritizing security defenses around brand-related assets such as transaction data, CRM data, and customer lists, and engaging in special training for employees who touch the customer data.

Stay tuned on Radius for part three of this three-part podcast series on cyber security, coming in September.

The Economist Logo: Intelligence Unit