MarSecOps: "Marketing Security Operations, the idea is that security is not just the realm of website developers or the IT department anymore, but rather the marketing department has an equal if not greater interest in, and even responsibility to security."

Source: https://strattic.com/5-predictions-...

WHAT THE FUCKING FUCK? The marketing dimwits responsible for security? Whose IT competence ends at Powerpoint drivel?!

I LOLed so hard that I could have shat a cactus!

but! marketing methods inside of a IT Security division is extremly valuable.
Translating nerd speak into laymens terms to convice normal people to change their behavior.

@heyheni Marketing can't do that. Their job is to throw away all facts, make drivel free that is of content BUT that stirs emotions in order to make people do something stupid, usually shell out money.

Say hi to the Blockchain AI IoT solution that runs on Big Data that'll make an excellent security product!

🤮

@Fast-Nop yes. Most marketing people i've had the pleasure to work with are tech illiterates. Who sit next to the ceo's office and eat chocolate the whole day.

Never the less, the ability to use the language of advertisment for IT Security measures are invaluable. Because the security affects everyone in a company. And to adress everyone good design is needed.

if those creatures comes to be(I hope not) they will be the same as the other marketing does.

Will be the pretty face that speaks fluently and in a way mooore convincing than programmers do(at least my case) to the prospects so they'll buy the products that of course they don't develop, don't support and in many cases they sell with features that you know are not even planned.

Marketing would not be responsible for security but they are an essential part of client side javascript security, since client side marketing javascript can be 30% to 90% of the code that executes on your pages in your customers browser. There are knowledgeable tech people in marketing or other non-IT business functions who control the javascript container on the client, and that container controls whether a tag is present or not. That means they are involved in elimination of malicious javascript (e.g. magecart) during incident response. I would suggest educating the marketing people about the risk, and not dismissing them, since, for better or worse, they are extending the attack surface of your web app.

More specifically, MarSecOps refers to the operational aspects of client side javascript security; e.g updating and testing Content Security Policy headers or Subresource Integrity attributes, analyzing client side javascript scan reports, or implementing a process to assess the code integrity controls of third party javascript vendors. All of these controls require cooperation with the marketing and business folks in order to provide security and be operationally feasible - thus MarSecOps.

@bentallmadge and you know what? Marketing doesn't give a fuck about the security of their clients. They don't even care whether 5 trackers and 10 adservers slow down the website to a crawl.