In the world of PR, there are few fields more exciting and terrifying than the cybersecurity industry. It feels like every day we hear about a new breach, hack or vulnerability that has impacted an individual or organization. The numbers back this up; a recent cybersecurity report from research firm ThoughtLab found that the average number of cyberattacks and data breaches increased by 15.1% from last year. It’s essential for savvy PR professionals to stay up to date on the latest developments in the space.
However, monitoring the latest data security incident isn’t enough. Even though the number of outlets and reporters who cover the space has increased as the threat has grown, cybersecurity journalists demand more from the PR professionals they know. It’s not enough to share thoughts on the latest breach; rather, reporters are often looking for short and long-term insights and advice about the future of the category as well as the reasons the public should care.
So, how do PR organizations manage their relationships with cybersecurity reporters to garner coverage and showcase their clients as thought leaders in the space? It’s all in the approach.
Different data security reporters cover different verticals
One of the biggest misconceptions about the industry is that all cybersecurity media contacts are interested in the same stories. While cybersec journalists typically monitor the latest hack or vulnerability, how they cover the news changes from reporter to reporter and outlet to outlet. For example, journalists who focus on privacy and data concerns on big tech platforms may be intrigued by a pitch about a data breach on a major social network. But they would not be interested (and may even be annoyed) by an inbound about a ransomware attack on a local energy supplier. It’s best to prioritize research into the most appropriate reporters and outlets for a specific cybersecurity pitch.
PR teams should organize their contacts by vertical, separating outlets and reporters based on recent coverage. Note specific reporters or media organizations that can be helpful for the future. For example, if a reporter is focusing on stories about cybersecurity threats as students prepare to go back to school, make sure everyone knows that. Moreover, pay attention to the tone of data privacy stories. While data privacy doesn’t always overlap with cybersecurity, often reporters who take a strong stance or position in a privacy story may ask to speak with a cyber expert about the potential consequences of a breach. Monitoring and capitalizing on past interactions with reporters is often the simplest and most effective way to manage media relationships and turn pitches into wins. But pay attention to the broader story – a spokesperson can easily be quoted on the record criticizing a major company, one they may even work with from time to time, for inadequate privacy and cybersecurity measures. Context matters.
All breaches aren’t the same
Not only do the verticals for reporters in the cybersecurity industry vary significantly, but the types of incidents they cover and care about differ as well. Denial of Service (DOS) attacks are not in the same ballpark as ransomware attacks. Third-party data breaches, for example, require different insights and expertise than hacks that only affect a specific individual. For example, the access of unauthorized information from a telecommunications company by a cyber criminal will potentially affect all of the clients and users while a successful phishing scam on a specific shopper will likely only compromise that individual consumer. Thus, PR professionals need to have a basic understanding about the insights, research and sources to offer depending on the incident.
It’s often useful to separate the available data, spokespeople and insights into categories for outreach when the next breach happens. In addition, your cybersecurity spokespeople and clients may not actually be experts in all areas. Many have a specific area they focus on in terms of breaches and data compromises. It’s a misconception that cyber professionals already know everything about the industry, so understanding the expertise and focus on each side is key.
Use cybersecurity conferences and panels
Cybersecurity changes all the time, and more than nearly any other tech category, it offers a robust stream of industry conferences and meetings. Nearly every other week there are panels that highlight the cybersecurity landscape, its threats, current solutions and best practices. These panels offer constant opportunities to bring together cybersecurity companies, research firms, reporters and analysts who cover the category.
Always be building relationships
When conducting outreach for cybersecurity conferences, it’s not enough to simply offer a knowledgeable spokesperson for a panel or keynote. Savvy PR people use all available resources to showcase new research studies, data, and trends. Experts spokespersons can also offer opinions on recent attacks, industry moves, and regulatory issues.
PR teams can get the most out of conferences by offering media briefing opportunities even if they’re not for a specific story and don’t result in media coverage. In fact, one of the biggest mistakes PR people make is foregoing media meetings that don’t guarantee immediate placements. The relationship-building opportunities between media outlets and companies and their executives or third-party experts can generate long-term connections that pay dividends far into the future.