Over the last few years, cyber security and data risk has steadily climbed up in the list of enterprise concerns. It is no longer the domain of just CISOs or security professionals. Breaches of various levels are now occurring across departments and industries. This has driven some hectic activity in the sector, and over the last year, the number of cybersecurity merger and acquisition deals rose by 12 percent. Here are some better known M&As in the sector:
- Cybersecurity start-up Sqrrl was acquired by Amazon Web Services.
- Web security company Sucuri was acquired by hosting giant GoDaddy.
- Zenedge, an AI based security provider for the cloud, was acquired by Oracle.
- Secdo, was acquired by Palo Alto Networks.
But the process of a merger or acquisition can create or expose new vulnerabilities, especially for digital marketers that use these companies’ products and services. In fact, data protection, cybersecurity and information breach risks are common during mergers. The report stated that nearly 40 percent of organizations who have been through an M&A process had found a cybersecurity issue during the due diligence period after the purchase or acquisition. In addition to Data breaches, there are a number of issues that arise when integrating business systems, mostly because of the processes often being messy, buggy, and prone to vulnerabilities.
As far as marketers are concerned, the domain and hosting providers like GoDaddy will continue to acquire businesses that serve small enterprises, and they need to be aware and alert to the risks. Since the marketing teams are social media connected, and at the backend, are also closely connected to a lot of close-to-home data, they need to be extra careful. In addition, their caution should extend to when working with outside vendors and software programs that require the exchange of sensitive and confidential company information.
Innovations may be the obvious and most ingenuous way out, and marketing teams need to collaborate with IT, to ensure no data risks are created. For a CMO, it is a part of the core responsibilities to ensure the marketing team does not fall prey to security vulnerabilities for the company. To ensure there is general awareness, the marketing teams need to work with their IT security to conduct staff training to build balanced governance for daily operations.
Unfortunately this is one risk not many teams are aware of, so there is need of selection and labelling of potential targets during a cyber-attack. They should regularly evaluate their cybersecurity strategy– especially during a merger and acquisition – and to work in tandem, not separately, with the IT department. In fact there is a need for security programs and processes to be woven into digital marketing activities, making them genuine stewards of information security best practices.