What IT Can Learn from the Marketing Department
To many non-technical enterprise departments, IT—and particularly security personnel—are viewed as "Uh-oh... here's the party pooper!" They're the ones who are always seen as the people who say No. Yet, one IT executive has found a way to make security part of the company mindset... and to get the message across at the board level. Dr Cladia Natanson, chief information security officer at Diageo, has accomplished this impressive feat by treating security as a brand to be marketed, not a service that's grudgingly tacked on to business-as-usual.
In her keynote address Thursday at the Executive Women's Forum: Information Security, Risk Management & Privacy, Natanson said, "I don't have a security program; I have a product."
You may not know Diageo's name (I didn't), but you do know its products, which include Guinness, Baileys, and Tanqueray. The $50 billion company has 180 markets, 22,000 employees, and —very obviously— a marketing-centric corporate culture. In everything Natanson does, she's selling security. "I need my end users to buy into this if I'm to sell it," she explained. That means developing a look, with different "packages" for different user groups; and it means themes, like "Data Safe" (complete with a video ad for employees that sells them on improving laptop security). "I'm going up against Johnny Walker and Gordon's Gin," Natanson pointed out.
As just one example of how far she goes to embed security as a company internal brand, Natanson requested—and got—a "themed" conference room. Every company names its meeting rooms (CIO has several named after candy bars; I've seen other firms with town names or tree names.) At Diageo, each brand has its own themed meeting room whose decorations include cocktail recipes using, say, Bailey's or Gordon's gin. Now, the security team has its own "Cool blue" room which highlights corporate Bluetooth and WiFi capabilities, with "security cocktails" posted on the walls. "The chairman has drunk the password policy," Natanson said.
Her efforts to sell security as a product are far more than a marketing gimmick. It's a full marketing campaign intended to show how security (and IT) are part of the company's value. "You need to be seen as part of the business instead of outside it," she said.
One element is customer relationship marketing. In this case, it means that Natanson gets a one-hour meeting with every executive, including the chairman of the board, at least once a year. And she spends the time listening. That's when she asks about the big ideas for the year, and what they'll have to do to achieve those goals. Because she learns early what's coming, Natanson explained, she can "become part of their leadership programs." Instead of taking on a security role of scaremongering, she understands their needs early, and can show, "This is how I am adding value." And, though she never mentioned this directly, she can embed security into the product and IT design at the very beginning of the process, where it belongs.
"My brand is data," she said.
I think it's reasonably obvious that I was blown away by her presentation. We've long talked about IT being part of the business, but I think that even managers can get lost in the techie details. Marketing people are used to thinking in terms of feature/benefit, feature/benefit, but IT folks continue to talk about features rather than the business value. Natanson brilliantly, I think, adopted the corporate culture and, by speaking their language, has successfully gotten her message across at the board
Previous Post: Linus Torvalds: Why C++ SucksNext Post: Enterprise Developers Programming Speed? Check. Time to Fix Bugs? Not So...
Most Discussed Posts
Cloud computing has emerged as one of the most significant game changers to hit the technology landscape in the past 20 years. With this massive expansion of the cloud, the perception of the IT organization is shifting from a utility player to a change agent. This eBook breaks down five ways progressive organizations are using cloud-based IT Management solutions to help drive innovation and become more strategic, including: adding visibility and analytics, speeding up time-to-value, lowering costs, improving prioritization, and providing a blueprint for future cloud deployments.
Read the white paper to see how IBM helped Citigroup deliver new services and enhancements to their 200 million customers faster.
There are 3 ways to modernize legacy applications: rewrite completely, acquire packaged solutions or migrate existing code. This paper explains why it's best to migrate and how IBM® Rational® software can help.
Accommodating specific lines of business can result in a hybrid ecosystem of applications and servers. The resulting complexity of this architecture makes for an environment that is costly to maintain and difficult to change when addressing new challenges.
This whitepaper will help you to define a mobile device passcode policy. Security managers must attempt to reconcile two opposing goals. They must: 1) create a passcode policy that is strong enough to protect the device if it is lost or stolen, while: 2) not annoying users with needless length or complexity.
This whitepaper, authored by The Radicati Group, looks at the key reasons organizations should consider moving to a cloud-based archiving solution. Email archiving solutions enable organizations to store, monitor, and collect electronic data exchanged by their users to comply with internal policies and regulations.
ATERNITY will showcase a 30-minute demo on how Fortune 500 companies are leveraging its award-winning FPI Platform to deliver a user-centric approach to Proactive IT Management.
For businesses to move forward and tap into the ever-expanding universe of Internet users and network-enabled devices, it's critical to learn how to make the transition to IPv6. Learn the critical steps your organization must take to make a seamless transition-and keep your business world connected.
Learn how IT teams can protect against spear phishing tactics. Harry Sverdlove, chief technology officer of Bit9 offers a frank discussion about spear phishing - the most common technique used in today's advanced attacks.
Learn how to build a solid business case for your migration to Red Hat Enterprise Linux so you can run leaner, innovate faster, be more flexible and own the New Now.
Social media isn't about you; it's about everything around you. As you consider how your customers want to communicate with you, social media is something that can't be ignored. But what should your strategy be? Is social media "just another channel?" What kind of a plan makes sense for your contact center and for your customers? Join our experts as they share their insight and research results.
Hardware tokens were a popular method of strong authentication in past years but the cumbersome provisioning and distribution tasks, high support requirements and replacement costs have limited their growth. The additional log-in steps that hardware tokens require and the resulting user frustrations have limited adoption and make them impractical for larger scale partner and customer applications.
Sponsored Links
