why security matters for marketers

WHY SECURITY MATTERS for marketers

As marketers we’re focused on GROWTH

GROWTH

Chapter one: Why you should care about security.

If you collect data from customers, you are responsible for ensuring their protection

Bryan Eisenberg

Websites are being attacked every second

Insecure websites are more frequently targeted

•  Most of these attacks are aimed to steal user information, or compromise a website.

•  Looking at different attack types you can see what some of the most common attacks are – http is most prominent.

•  50% of attacks come against insecure websites.

Businesses of Every Size Are Being Targeted •  Betty’s Tea is a UK based café chain

and was targeted in May 2015

•  As a result of the attack: 120,000 customer names, email addresses and encrypted passwords were stolen.

A Story about Sony •  Sony was hacked in November, 2014 and personal employee details including

names and salaries were leaked

•  47,000 records were stolen, and the outrage started immediately, and is still ongoing

A Story about Sony

17 MILLION ATTACKS PER DAY

Every Attack Ties into Value •  According to PwC, every website SMB

website hacking incident costs between $92,000 - $165,000 on average.

•  McAfee found almost 90% of small- and medium-sized business in the US do not use data protection for company and customer information, and less than half secured company email to prevent phishing scams.

7-year olds can even hack networks

Most Websites Don’t Have Security

Only 20% of website are secure!

Brands have the opportunity to stand out for proactively addressing it and those who do not will very soon be far behind. Align your brand with the changing consumer

mindset and be a leader in customer security.”

Bo Holland, CEO AllClearID

Chapter two: How website attacks happen.

There are two primary types of website attacks MAN-IN-THE-MIDDLE DDOS

Man-in-the-Middle Attacks

What is a Man-in-the-Middle Attack? •  A Man-in-the-Middle attack happens when a hacker places a small file on your

website, and steals incoming user data. •  These files can go undetected for weeks, months, or years due to their small size.

Visitor

Hacker

Website

DDoS

What is a DDoS Attack? •  A DDoS (Distributed Denial of Service) attack happens when a hackers uses multiple

computers to flood traffic to a website. •  Incoming traffic volume is so large and so sudden, there is no option but for your

website to go down.

Website

What can we do to prevent these attacks?

Chapter three: All about SSL & WAF.

What is SSL?

Visitor

Hacker

Website

•  SSL stands for Secure Sockets Layer, and is a way of encrypting traffic between a website and the visitor.

•  As a result of traffic being encrypted, hackers cannot steal private or customer information from Man-in-the-Middle attacks.

Benefits of SSL Trust SEO Website Enhancements

Benefits of SSL

A padlock displays in the URL bar for secure websites – increasing visitor and consumer confidence that their information is safe.

Trust SEO Website Enhancements

Benefits of SSL Trust SEO Website Enhancements

Benefits of SSL Trust SEO Website Features

Benefits of SSL

“If your in a competitive niche, then it can give you an edge from Google’s point of view. With the HTTPS ranking boost, it acts like a tiebreaker. For example, if all quality signals are equal for two results, then the one that is on HTTPS would get the extra boost that is needed to trump the other result.”

Google’s Gary Illyes, said: Trust SEO Website Enhancements

Benefits of SSL Trust SEO Website Enhancements

HTTPS is “moderately correlated to higher search rankings”

Source: http://backlinko.com/search-engine-ranking

Benefits of SSL Trust SEO Website Enhancements

Have you seen pages like this?

Benefits of SSL Trust SEO Website Enhancements

Using HTML5, your website can incorporate features that utilize the visitors device information, such as: •  Geolocation •  Video and Microphone •  Device Motion/Orientation •  Fullscreen Without SSL, none of these will work in Chrome or Firefox.

What is a WAF? •  WAF stands for Web Application Firewall and forms a protective ring around your

website to weed-out bad traffic, and allow good visitors to come through.

Website Website Visitor

Hacker

Hacking Recovery Plan

1.  Check with I.T. and/or your website host to determine root cause, and impact

2.  Create scenarios and playbooks for every type of hacking incident (loss of user

information, website downtime, etc.)

3.  Communicate with affected internal stakeholders

4.  Communicate with external customers, prospects, and other affected parties

5.  Ensure you have contact details for key team members

Chapter three: Next Steps.

Create a Hacking Recovery Plan

1.  Check with I.T. and/or your website host to determine root cause, and impact

2.  Create scenarios and playbooks for every type of hacking incident (loss of user

information, website downtime, etc.)

3.  Communicate with affected internal stakeholders

4.  Communicate with external customers, prospects, and other affected parties

5.  Ensure you have contact details for key team members

Want to secure your website today?

Click here to start a free trial of the HubSpot Website Add-on.

Jeffrey Vocell (@jvocell)

Product Marketing Manager

Thank you!