Recent cyberattacks against government agencies and politicians, as well as various news sites, prove that no one is immune and explains why more and more companies are investing to keep their business data safe. In just the last two years, the number of publicly traded companies that count security threats to their major business risks almost doubled, and for good reasons.
Digital security risks occur in many forms. One of the most common, but least known dangers, is lurking in vulnerabilities arising from marketing tags. To gain a better understanding of customer behavior, or improve personalization and loyalty, companies increasingly use a complex mix of marketing technologies, such as A / B testing tools, widgets for sharing on social media and plug-ins for analysis. However, these technologies are often poorly managed. Companies hardly have an overview of the providers that are active on their pages and what impact this can have.
Let me give you a scenario of the potential consequences of such uncontrolled and unauthorized tags. Find out how to avoid risks.
A study by Ghostery, for instance, showed that 96% of all domains have vulnerabilities due to unsafe tags that were often placed indirectly by piggybacking on authorized providers of fourth and fifth parties. These unsecured tags allow hackers to perform man-in-the-middle attacks and the code gets changed for malicious purposes, such as the collection of personal data or disclosure of inappropriate content. This is especially serious if unsafe tags show up on protected pages for registered users, where confidential information and payment details are entered, as online security breaches can have several consequences:
Direct financial impact
The most obvious consequence for a company is a direct financial loss. According to the Global Cyber Impact Report of the Ponemon Institute, more than a third (37%) of all companies suffered significant security breaches in the past two years. On average, it costs them $ 2.1 million, including legal fees, costs for notification of victims or analysis, or simply loss of income, to name a few.
In addition to the direct costs, which a security breach by unsafe tags brings, there are also indirect financial consequences, such as reputational damages that can have a far-reaching ripple effect: For instance, losing a customer to the competitor that is seen as more trustworthy. Even if the browser is blocking unsafe content - thus avoiding a breach and data loss - the presence of uncertain external technologies on protected sites often leads to content warnings that erode customer confidence. Studies show that nearly 60% of all online shoppers leave the page when they receive such a warning.
Poorer ranking in search results
Furthermore, the security of a website is by now as well taken into consideration by search engines algorithms to calculate the search results. Google uses HTTPS as ranking signals, besides content warnings caused by provider tags that mediate that a website has both secure and arguable HTTP content that deteriorates the ranking. Most likely this protective measure will even gain importance in the future. Anyway, the impact of unsafe technologies on search results can only increase.
What to do?
The consequences of unsafe provider technologies may sound extreme, but can be alleviated by simple improvements in the tag management on a corporate website. The first thing companies should carry out is a supplier audit to identify all active technologies on their sites. A live scan is a good start and can provide surprising results. Subsequently, the company should consider removing any unnecessary or unauthorized tags on its sites. If only authorized tags remain, the company should transfer the support service of all technologies from one vendor to an employee who deals with any problems as soon as possible. As a final step, the company should adopt strict rules for suppliers, that e.g. limit the number of tags from third parties and regulate where the tags will be placed and what data they are allowed to collect.
In an age, in which cyberattacks are more and more prevalent, companies need to understand the potential consequences of uncontrolled provider technologies. Since nowhere else the data sets are growing faster than in marketing, making it more complex to derive meaningful insights, it is increasingly becoming a mission-critical challenge of today's enterprises.
As if creating a fully customized and personalized customer experience wouldn’t be difficult enough, the expectations of consumers are skyrocketing in complexity. Today, people expect to feel no difference whatever channel or touchpoint they turn to and they want their voice to be heard always and everywhere. Therefore, tune your ears to the paradigm shift so as not to risk wasting opportunities, budget or valuable time.
By Daniela La Marca