Digital Security: Why Do So Many Still Say “No”?
What if, one day a year, airports sent the TSA home and let all planes fly with passengers unchecked? It would save travelers hours of time. They’d keep their shoes and belts on. Their laptops would remain inside their bags. But would you get on the plane knowing that no one else was security-checked?
I’m certain that I would not.
Security can be a pain. Participating in its processes can be burdensome, stressful and expensive. But we participate to ensure our collective safety. What if no one paid attention to stop signs, traffic lights and speed limits? What if paying a percentage of your tax dollars for police officers and firemen was optional? Who would stop your house from burning if it caught fire? Who would stop the drunk driver who shouldn’t be on the road? In parallel, ad-industry security must be inclusive; we can’t allow free-riders into our supply chain.
Unfortunately, when it comes to digital security, we often hear more about shortcuts that were taken, costing brands billions of wasted ad dollars, than we do about prophylactic investments. Individuals and organizations should be racing to create a safe advertising environment online, but adoption is slow. Most people look at those who play fast and loose with security as only risking their own reputation and bottom line. I look at them differently. They weaken the chain that we count on for our livelihoods, and ignore an industry obligation.
So, why do companies say “no” to badly needed security? Why does it take a major incident to deploy proper checks and balances? How do we hasten the adoption of important security measures to stem the damage to our industry?
Here are a handful of the reasons some companies are either not stepping up to take a pro-security stance, or feigning interest:
They fear they have too much to lose.
Security solutions can quickly expose pockets of valueless inventory that have hitherto been profitable. Asking supply-side partners to take a temporary “hit” has risks, but the rewards far outweigh the concerns. Companies that differentiate with security will achieve more sell-through and higher multiples.
They are uninformed.
Clean inventory is beneficial for buyers and sellers alike, but must be prioritized. Security is not just for banks or the Fortune 500. Security is a necessary foundational concern for every publisher, ad network, exchange, DSP, supply-side intermediary and online retailer. Those who think it doesn’t apply to them are part of the problem. Consider how you’re protecting your brand, your clients, your users and your bottom line.
There’s a pervasive misunderstanding that security is somehow an underlying part of the fabric of the Web. Recent events like the Target hack are reminding organizations that the state of security is fragile and in constant flux; industry participants must be disciplined in how they adopt and improve both technologies and policies.
They don’t prioritize security.
Awareness coupled with inaction is negligence. The worst perpetrators are those who are aware of how vital security is, but elect not to prioritize it because they see complexity that they feel unprepared to navigate. They know red lights are there for good reason, and run them anyway.
What these businesses need to realize is that the upfront costs of security will always be significantly less than the cost of damage control. Target has estimated that the costs associated with its data breach totaled $61 million in its fiscal fourth quarter. It’s not the only brand paying millions for security blunders. An independent study conducted by Ponemon Institute in May 2013 revealed that security breaches cost U.S. firms an average of $5.4 million in 2012. And the stakes have gone up as major advertisers get fed up with the inefficiencies associated with bot fraud, and demand bot-free inventory.
To be blunt, the chief reason that our industry is slow to adopt practical security measures is fear. Happily, fear is not a trait commonly associated with the marketing and advertising industry, where technology, math and science are quickly eating old assumptions and politics. Our industry is bold, and it is time we behave that way. We’re all in this together, so if you’re guilty of one or more of these, it’s time to reprioritize and take the right steps to protect the future of your brand and your business’s future. Your clients and trading partners will thank you for it.