In an increasingly digitized world, the significance of cybersecurity cannot be overstated. Yet despite notableย ransomware casesย in recent years and a drastic, seemingly COVID-fuelled spike in overall attacks, many executives remain unprepared.
In response to the increased frequency of cyberattacks, the cybersecurity market continues to surge, with forecasts predicting exponential market growth. Statista, for example, notes that โan increasing awareness of cyber threats leads to a rising investment in cybersecurity infrastructure worldwideโ,ย forecasting a market expansionย to $345.4 billion by 2026 โ an expansion of over 50 per cent compared to its 2021 $217.9 billion market size.
Nonetheless, one may attribute the escalation of cyberattacks to an array of factors. The ongoing pandemic and the vulnerabilities it has exposed seem to lie at its centre, as IT professionals have seen a stark increase in cyberattacks since its start. Deloitte agrees, finding thatย 35 per cent of post-pandemic cyberattacksย โused previously unseen malware or methodsโ โ a notable increase from pre-pandemicโs 20 per cent.ย Yetย research confirmsย that the majority of organizations do not have a cyber security incident response plan in place.ย Finally, the continued expansion of businessesโ marketing scopes now entails copious amounts of data, asย Forbes notes. They argue that โas more departments across the organization continue to collect copious amounts of data, the IT team is no longer solely responsible for cyberattacksโ. This, they explain, is because โoverseeing every piece of data is extremely challengingโ โ leaving IT departments with fewer options and placing some cybersecurity responsibility on marketers as well.
McKinsey & Company reportsย that just 16 per cent of survey respondents say their companies are well prepared to deal with cyber risk. Worse still, as digital marketing expands, it too offers malicious actors more opportunities to carry out attacks. For this reason, let us explore the 5 most prevalent cybersecurity concerns in digital marketing.
Cybersecurity concerns in digital marketing
Still, digital marketers do not typically have to face or bear responsibility for cyberattacks of all types. Rather, each marketing practice and asset carries its own prevalent risks, which require due attention.ย
1. Malware and remote access to customer relationship management (CRM)ย
Cyberattacks targeting CRM software can be among the most damaging, given the nature of CRM software itself. A notorious such case in recent times was USCellularโs CRM data breach, which they believe occurred on January 4th, 2021.ย BleepingComputer reportsย that the attack occurred due to human error, as โemployees were scammed into downloading software onto a computerโ. Then,ย USCellularโs notificationย confirms that the unauthorized individual could enter the CRM system using the employeeโs credentials, since they were logged into the CRM at the time.
To address this risk, organizations may adhere to stricter security protocols, such as only downloading software from trusted sources and partners, and limiting software installations on business machines to the bare minimum. Finally, regardless of department, all CRM users must log out of CRM solutions when not in active use.
2. Phishing and email marketing
Similar attacks occur via email phishing, with similarly increased frequency. A notable example of email-based attacks comes with NOBELIUMโs recent attacks against SolarWinds, which Microsoft had been tracking since January 2021. These attacks coincided with a concerning general spike in phishing attacks;ย Sophosโs 2021 surveyย finds that 70 per cent of respondents recorded a rise in phishing attacks on their organization since the beginning of the pandemic.
In this regard, as email users themselves, employees must remain aware of email-based phishing tactics and other attacks โ as the above case illustrates. They may more carefully scrutinize any requests for information, from the senderโs legitimacy to the requestโs purpose, and confirm with an appropriate manager when suspicions arise. In this context, minimizing human error through training programs that increase awareness offers demonstrable benefits.
3. Fraud and social media marketing
Further supporting this notion of cyberattack escalation, Phishlabs reportsย a staggering 47 per cent increaseย in social media-based attacks. Perhaps predictably, fraud was the attack type that saw considerably more use. This find, too, offers grounds for cybersecurity concerns in digital marketing, as social media marketing remains a prominent, cost-effective marketing endeavour.
Social media-based attacks typically include impersonation to effectively deceive recipients, and subsequently deploy ransomware. In this regard as well, businesses may enhance their cybersecurity training efforts and bolster their incident response plans. As they do, users may avoid dubious downloads on business machines and confirm information requests with superiors to reduce the risk of successful impersonations. They may also consider stronger, diverse passwords, as weak and shared passwords remain a prominent phenomenon that only endangers users.
4. Password attacks and brute force attacks in content marketing
This trend of risk escalation continues with increased attacks on Content Management Systems (CMSs). As regards WordPress in particular, WordFence and WPScan releasedย a thorough WordPress security reportย in August 2021, in which they find that password attacks will continue to rise, while brute force attacks have already more than doubled.
Awareness training and response plans aside, content marketers thankfully have a relative advantage in this regard, as many SEO-adjacent practices they typically embrace offer some solutions. Regarding brute force attacks, marketers may cull old and unneeded plugins, opt for frequent backups and security scans, and use WordPress security plugins to limit potential vulnerabilities. Regarding password attacks, the report above concludes by suggesting โpassword hygiene best practicesโ, including using stronger passwords, using 2-factor authentication (2FA), and disabling XML-RPC when not in use.
5. Ransomware in eCommerce
Finally, eCommerce has not been exempt from increased cybersecurity risks. On the contrary,ย WebScale findsย that security remains the eCommerce industryโs primary challenge, noting that โsome of the worldโs leading brands fell victim to cyberattacksโ in 2020, including Virgin Media, Garmin, Tesla, and Shopify. Sadly, the same data also supports the initial claim that businesses and marketers alike remain relatively unprepared.ย
In this regard, marketers may consider a plethora of safety measures โ the aforementioned aside. Content delivery network (CDN)-side, they may opt for widespread CDNs with multi-layer protection to better defend against DDoS attacks. Server-side, they may enhance SSL protocols, opt for robust security systems and firewalls, and enhance security monitoring to identify potential attacks more swiftly. Finally, user-side, they may opt for 2FA, stronger passwords, and anti-malware and similar security software.
Conclusion
To summarize, cybersecurity concerns in digital marketing abound in the post-COVID era. As malicious actors become emboldened and continue to seek vulnerabilities to exploit, so too must organizations and employees remain vigilant and careful in their online activities. As research continues to identify human error as the primary vector for attacks, cybersecurity training may offer a powerful asset.
___
by Nick Djurovic
source:ITWorldCanada.com
