By Doug Cunningham, CTO of Forrit. Forrit were finalists for the ‘Best Platform-as-a-Service / Cloud Middleware‘ award at The 2024/25 Cloud Awards.

For over a decade, marketing and IT teams have been locked in a tug-of-war over control of the marketing technology (MarTech) stack.

This ongoing struggle highlights fundamental differences in their priorities: marketers aim for agility and creativity, while IT prioritizes security, compliance, and stability. But this conflict doesn’t have to continue. With the right approach, marketers can maintain control of their MarTech stack while addressing IT’s valid concerns about security and compliance.

Who Has Control Today?

Recent data from G2 shows that marketing teams currently have the upper hand. A majority of organizations (60%) place ownership of the MarTech stack in the hands of marketing or marketing operations teams. This autonomy allows marketers to quickly deploy, manage, and adapt tools to keep pace with dynamic consumer expectations and deliver hyper-personalized experiences.

However, the tide is shifting. IT departments are increasingly reasserting control, driven by the proliferation of advanced technologies like artificial intelligence (AI). According to the Influencer Marketing Hub AI Marketing Benchmark Report: 2024, 69% of marketers already integrate AI into their operations. While AI tools make it easier for marketers to innovate, they also raise new concerns for IT teams regarding data security, compliance, and ethical use.

Conversations with Forrit customers confirm this trend. Marketing teams are enthusiastic about embracing new technologies but often lack the technical expertise to assess their risks fully. IT teams, in turn, become uneasy, especially when they’re excluded from decision-making processes. This friction risks derailing the collaborative potential between these two critical business units.

Additionally, as the landscape evolves, factors such as regulatory compliance and data privacy add complexity. For example, the General Data Protection Regulation (GDPR) places stringent requirements on how customer data is managed. Failure to adhere to these standards can result in significant penalties, creating a heightened need for both teams to align on technology choices. IT teams often view this regulatory environment as a justification for greater oversight, further challenging marketing’s autonomy.

Another emerging trend is the increasing reliance on composable architectures. These architectures allow marketing teams to integrate best-of-breed tools to create highly tailored MarTech stacks (Gartner). While this approach offers unparalleled flexibility, it also introduces additional layers of complexity. Managing multiple integrations without IT involvement can lead to misconfigurations, data silos, and, ultimately, security vulnerabilities. For marketers to fully capitalize on the potential of composable architectures, they must proactively involve IT teams in the initial design and ongoing maintenance of their stacks.

How Can Marketers Secure Their Control of the MarTech Stack?

For marketing teams to maintain control of the MarTech stack, they must address IT’s concerns proactively. One key step is prioritizing security in their technology decisions – an area where marketers have historically fallen short.

According to G2’s research, just 1% of businesses prioritize security compliance when selecting MarTech solutions, and 54% of software buyers admit to bypassing IT vetting entirely. This lack of focus on security raises alarms for IT departments and fuels their efforts to reclaim control.

To reassure IT and maintain ownership, marketing leaders must:

  • Recognize that security is a shared responsibility.
  • Include IT in the vetting process for new tools.
  • Choose solutions that align with both marketing and IT requirements.

Beyond these steps, marketing teams can adopt a more structured approach to building trust with IT by implementing the following strategies:

  1. Educating Marketing Teams on Security Basics: Many marketers lack a fundamental understanding of cybersecurity risks. Conducting training sessions on topics like phishing, malware, and data encryption can help bridge this knowledge gap and demonstrate a commitment to security (Cybersecurity and Infrastructure Security Agency).
  2. Establishing Clear Governance Policies: By defining roles and responsibilities for both teams, organizations can minimize conflicts and ensure accountability. A governance framework that includes regular check-ins between marketing and IT can facilitate smoother collaboration (Forbes).
  3. Investing in Joint Tools: Tools that provide visibility across departments, such as security dashboards or data analytics platforms, can help both teams stay aligned (TechTarget).
  4. Balancing Speed with Security: Marketing’s drive for agility should not come at the expense of security. Establishing clear protocols for rapid yet secure tool deployment can empower marketers without increasing risk. For instance, pre-approved lists of vendors or sandbox environments for testing new tools can strike this balance effectively (CSO Online).
  5. Creating Incident Response Plans: Marketers should work with IT to establish protocols for responding to security breaches or system failures. Knowing how to act swiftly and effectively in such scenarios can reduce downtime and build IT’s confidence in marketing’s ability to manage technology responsibly (NIST Cybersecurity Framework).
  6. Fostering a Culture of Collaboration: The relationship between marketing and IT often suffers from a lack of mutual understanding. Encouraging team-building activities, cross-training, or joint brainstorming sessions can improve communication and foster a spirit of collaboration (Harvard Business Review).

By embracing a collaborative approach to security, marketers can demonstrate their commitment to safeguarding the organization’s data and reputation, making it easier to retain autonomy over their tools.

The IT/Marketing Disconnect

One of the biggest challenges in this debate is the disconnect between how marketing and IT perceive security risks. Forrit’s data underscores this disparity:

  • 60% of marketing decision-makers believe their websites are secure, with minimal vulnerabilities.
  • Only 40% of IT decision-makers share this confidence.

This optimism among marketers often stems from a lack of awareness about the specific vulnerabilities in their technology stack. For example, open-source content management systems (CMS), legacy software, and siloed platforms frequently expose organizations to significant risks, including:

  • Cyberattacks: Open-source plug-ins, often developed by third-party contributors, can be compromised, giving attackers access to sensitive data (OWASP).
  • Outages and Interface Failures: Poorly managed systems are more prone to crashes and functional issues, damaging the user experience (Gartner).
  • Uncontrolled Content: Nearly 44% of respondents in Forrit’s study admitted they don’t have full control over their website content, creating additional vulnerabilities (Forrit).

These risks are well understood by IT teams, which explains their hesitancy to grant marketing free rein over the MarTech stack. Bridging this gap requires better communication and mutual understanding between the two departments.

Marketers can take the initiative by engaging IT teams early in the decision-making process and providing transparency about their objectives. For example, rather than presenting IT with a completed tool selection, marketing could involve them in the initial evaluation phase, creating a sense of partnership and shared responsibility. Additionally, setting up cross-departmental workshops or security audits can help both teams align their priorities and identify areas for improvement.

Another area for improvement lies in shared performance metrics. Marketing and IT often operate on separate key performance indicators (KPIs) and have different objectives and key results (OKRs), which can lead to misaligned goals. Creating shared KPIs and OKRs can help unify their efforts and turn ambitions into achievements.

Additionally, leveraging technology such as artificial intelligence for predictive analytics can enhance both teams’ understanding of vulnerabilities and opportunities. This shared insight could create a foundation for more effective decision-making and better alignment on strategic goals.

What’s So Wrong with IT Simply Taking Control?

At first glance, it may seem logical to let IT take the reins. After all, they have the expertise to address security and compliance challenges. However, sidelining marketing comes with significant downsides, particularly when it comes to delivering personalized customer experiences.

Personalization is a cornerstone of modern marketing. Research from McKinsey & Company reveals that companies excelling at personalization generate 40% more revenue than their competitors. Achieving this level of success requires a high degree of flexibility and creativity, which can be stifled if IT assumes control.

Moreover, personalization depends on customer trust. Consumers are becoming increasingly selective about where they share their data, especially in light of stringent regulations like GDPR and the decline of third-party cookies. A secure website fosters trust, encouraging customers to share the information marketers need to create tailored experiences (GDPR Overview).

Security, then, is not a barrier to innovation but an enabler of it. By prioritizing secure technologies, marketing teams can build the foundation for both compliance and creativity, ensuring their strategies remain effective and adaptable.

This balance between security and creativity is especially critical in sectors where customer trust is paramount, such as financial services or healthcare. For example, a bank’s ability to deliver personalized loan offers hinges on its capacity to protect customer data. Similarly, a healthcare provider’s marketing team must ensure compliance with HIPAA regulations while promoting patient-centric services. In both cases, the MarTech stack plays a pivotal role, and marketing teams must demonstrate they can manage it responsibly.

Another critical issue arises from the pace of technological advancement. AI and machine learning have introduced unprecedented opportunities for personalization, but their implementation often requires extensive IT involvement. If IT controls the MarTech stack entirely, marketing teams risk losing the agility needed to experiment with and deploy these cutting-edge technologies effectively.

Additionally, over-reliance on IT for MarTech operations can lead to bottlenecks that stifle innovation. IT teams, often burdened with managing enterprise-wide infrastructure, may lack the bandwidth to support marketing’s fast-paced needs. This misalignment can result in delayed campaigns, missed market opportunities, and diminished competitive advantage.

A Secure CMS is a Future-Proofed CMS

The foundation of a secure MarTech stack begins with the CMS. Modern, cloud-based solutions offer the security, scalability, and flexibility needed to address both marketing and IT priorities.

Key features of a secure CMS include:

  • Cloud-Native Solution: Leveraging the robust security infrastructure provided by Cloud platforms such as Microsoft Azure ensures compliance with industry standards and minimizes vulnerabilities.
  • De-Coupled Environments: By separating content creation from delivery, marketers can innovate without exposing critical systems to unnecessary risks (Gartner).
  • ISO 27001 and Cyber Essentials Accreditation: Certifications like these demonstrate a commitment to best practices in information security (ISO).
  • Enterprise-Grade Reliability: Trusted by large banks and insurance companies, robust solutions deliver the dependability needed to support mission-critical operations (Forrit).

Beyond technical features, a secure CMS also supports long-term organizational goals. For example, it can integrate seamlessly with analytics platforms, enabling marketing teams to measure campaign effectiveness without compromising security. It also simplifies compliance reporting, reducing the administrative burden on both marketing and IT teams.

Furthermore, a secure CMS ensures scalability. As organizations grow, their CMS must accommodate increasing traffic, content, and integrations without sacrificing performance or security. Cloud-based solutions excel in this area, offering the flexibility to dynamically scale resources up or down as needed (Microsoft Azure).

Secure CMS platforms also allow marketing teams to consolidate their operations, reducing reliance on multiple tools and mitigating the risks associated with fragmented systems. By centralizing content management, marketing teams can gain greater control, improve efficiency, and streamline collaboration with IT.

Conclusion

The battle between marketing and IT over the MarTech stack is both unnecessary and counterproductive. By prioritizing security in their technology decisions, marketers can retain control while addressing IT’s legitimate concerns.

A secure CMS is the cornerstone of this approach. It enables marketers to build trust with their customers, unlock the full potential of personalization, and maintain the flexibility needed to innovate. At the same time, it reassures IT that critical systems and data are protected.

Ultimately, the key to resolving this conflict lies in collaboration. Marketing and IT must work together to build a MarTech stack that balances creativity with security, ensuring the organization’s long-term success. With the right tools and strategies, this partnership can transform the MarTech stack from a source of contention into a driver of growth and innovation. By fostering mutual trust and leveraging secure, modern technologies, organizations can achieve a harmonious balance that benefits both teams and, most importantly, their customers.

Why Choose Forrit for Your MarTech Needs?

In today’s fast-paced digital landscape, businesses need technology solutions that not only keep up with innovation but also prioritize security, scalability, and ease of use. Forrit is the trusted partner that empowers organizations to achieve all these goals with confidence.

Forrit’s CMS platform is built for the enterprise, offering unparalleled reliability, flexibility, and robust security. Trusted by major banks, insurance companies, and global enterprises, it is designed to handle the complexities of modern business operations. Its cloud-native architecture provides industry-leading security measures, ensuring the protection of sensitive data and compliance with regulations such as GDPR. Additionally, Forrit’s scalability ensures your platform grows effortlessly with your business, accommodating increased traffic, content, and integrations.

Marketing teams love Forrit for its user-friendly interface and modular design. The platform’s composable architecture enables marketers to easily integrate best-of-breed tools, ensuring agility and creativity in campaign execution. With Forrit, marketers can maintain control over their MarTech stack without sacrificing collaboration with IT teams.

Collaboration is at the heart of Forrit’s philosophy. Its integrated dashboards and analytics capabilities bring marketing and IT together, ensuring alignment on priorities and real-time performance tracking. Forrit’s focus on secure content delivery and streamlined operations makes it the ideal choice for businesses seeking to balance innovation with accountability.

Elevate your organization’s digital strategy with Forrit – the platform that bridges the gap between marketing and IT, enabling both teams to thrive. Experience the future of content management and see how Forrit can empower your business today.

About the Author: Doug Cunningham

Doug’s 25 years of experience in software development and enterprise architecture have made him an expert at delivering large-scale projects that improve business processes and customer experiences.