When it Comes to Cyber Security, A Step Ahead is a Step Out of Harm’s Way

By Laurence Minsky, Ben DiSanti, & Joseph Carson

Marketing in the digital arena is one great balancing act. On one hand is the need for data, including customer personal data to create a customised product experience, and on the other is the looming invisible threat of data breach and cyber attacks. In this article, the authors elaborate on and provide crucial measures to ensure that you’re a few steps ahead in cyber security and a great deal out of harm’s way.


Cyber security is a lot like the famous story of two campers and a bear.1 In it, the two campers see a bear approaching them. One of the campers drops down and reaches for his shoes. The other one starts running, shouting back, “What are you doing? You can’t outrun the bear.” “I don’t need to outrun the bear,” replies the one putting on his shoes. I just need to outrun you.” In other words, having a slightly better cyber security system than others – and the cues that let people know that the system is in place – can often be the best strategy for protecting a company’s data from being compromised.

Seems like an easy solution, yet one where many struggle due to the unwarranted fear that customers might not want to take the extra time that the added friction of the security and cues bring to the transaction.2

But due to the overall changing landscape of cyber security itself as well as the impending implementation of the European Union (EU)’s General Data Protection Regulation (GDPR), this simple approach might make more sense than ever.

Scheduled to go into full force by May, 2018, GDPR will have an impact for business well-beyond EU’s borders as one of its principles is that any company dealing with an EU citizen (including an EU IP address) is bound by it. One of the main provisions of this governance is that an EU citizen must provide their consent for the use of any personal identifiable information (PII) before it can be captured or used.

As a result, the individual and household data that is currently being gathered in an unbeknownst manner – such as from databases and by following online behaviours – will no longer be available for marketers to use. This has the potential to significantly hamper targetted marketing efforts for many products and services.

Yet another indication of the grand shifts in cyber security relates to the expert who taught the world to use complicated passwords. He now admits he was wrong – that because of the growth in the amount of accounts and passwords, the guidelines that many of us follow today can result in passwords that are susceptible to hacking. As a result, the password guidelines from America’s National Institute for Science and Technology have, with necessity, been updated.3

So, with these changes looming, how do marketers continue to deliver a worthy brand experience while also staying ahead of the hackers?

  Please login or register to continue reading... Registration is simple and it is free!

About the Authors

Laurence Minsky is Associate Professor, Columbia College Chicago, and a marketing consultant helping agencies and brands across the globe. He is also co-author of The Activation Imperative: How to Build Brands and Business by Inspiring Action and Audio Branding: Using Sound to Build Your Brand, among other books.

Ben DiSanti is an Adjunct Professor at The University of Chicago’s Graham School of Business and a Partner as well as a co-founder of DiSanti, Hicks + Partners, which specialises in omnichannel shopper marketing. He is also a Managing Partner of Competent Curiosity, a strategic consultancy as well as a co-author of Creative Segmentation: How David can take on Goliath.

Joseph Carson is a UK-based Certified Information Systems Security Professional (CISSP) with 25 years of experience in enterprise security & infrastructure. An active member of the global cyber security community, he is the Chief Security Scientist at Thycotic, a leading provider of password management to more than 7,500 organisations.



1. Two Campers Meet A Bear,” eBaum’sWorld, http : //www.ebaumsworld.com/ jokes / two – campers – meet – a – bear / 81322574 /; uploaded 2/ 15/11 ; accessed 8/12/2017.
2. Lucas, James, Laurence Minsky & Ben DiSanti, “Good Cybersecurity Could be Good Marketing,” The Harvard Business Review, https : / / hbr . org / 2016 / 09 / good – cybersecurity – can – be – good – marketing; published September 23, 2016; accessed 9/4/17.
3. Titcomb, James, “Password guru who told the world to make them complicated admits : I got it completely wrong,” The Telegraph, http:/ / www.telegraph.co.uk / technology / 2017 / 08 / 08 / man – wrote – password – bible – admits – advice – completely – wrong / ; published 8 / 8 / 2017; accessed 8/13/17.
4. Contry, Pat & Anupam Narula, “Building consumer trust: Protecting personal data in the consumer product industry” https: / / dupress.deloitte.com / dup – us-en / topics / risk-management / consumer – data – privacy – strategies.html; published 11/13/14 & accessed 8/14/17.
5. Contry, Pat & Anupam Narula, “Building consumer trust: Protecting personal data in the consumer product industry” https: / / dupress.deloitte.com / dup-us-en /topics / risk – management / consumer- data – privacy – strategies . html ; published11 / 13 / 14 & accessed 8/14/17.
6. The Incident Response Plan – how to help your business survive a cyber-attack. Thycotic Webinarsm . https: / / thycotic.com / company / blog / event / the 7096359479051798019-incident-response-plan-help-business-survive-cyber-attack/;accessed8/15/17.


Please enter your comment!
Please enter your name here