If your cybersecurity company is having trouble securing media coverage, it’s possible that you’re focusing on the wrong PR activities.
Cybersecurity PR has unique challenges and opportunities so if you’re not running a cyber-specific PR program, you’ll end up spinning your wheels.
In this article, discover how to grab the attention of cybersecurity reporters and raise your profile above your competitors even when you have no news. We’ll share key lessons learned over the past decade securing stellar media coverage for cybersecurity startups and increasing their share of voice in a noisy marketplace. Our results often contributed to successful exit journeys for our clients.
Rapid Response (a.k.a. Newsjacking)
Security publications are rarely interested in company or product centric news, unless the company is a major player. The vast majority of cyber media discourse centers on attacks and breaches: how they happened, the evolving impact and fallout, next steps that the victim is taking, profiles on the attacker, etc.. Many of these articles incorporate commentary from cybersecurity experts, which means you can secure media hits when you have no news.
As many of you know, UnitedHealth, Snowflake, and London hospitals have suffered major breaches during the last few months and each of these incidents have been written about extensively in security trades and business publications. When attacks garner headlines, a world of PR opportunities arise for many cyber companies, whatever your size or status. In fact, aside from producing your own research, commenting on attacks and breaches is by far the most effective way to secure media coverage.
We know from experience that your insights don’t necessarily need to be groundbreaking (though this often helps). For example, news of a major attack broke over a weekend and we reached out to reporters on a Sunday on behalf of a client who was available to comment immediately. The Wall Street Journal responded to our outreach and wanted a basic explanation of a ransomware attack since their readers are primarily a mainstream business audience.
Here are some guidelines of how to rapidly respond to breaking cyber news:
Understand what types of stories your company is best positioned to comment on - they don’t necessarily have to be related directly to your technology.
Pinpoint which executives can offer the best insights to further the story of a cyber attack. It’s often helpful for at least one of your analyst team members to be involved.
PR agencies can usually work with intelligent, broader insights which many execs at cyber companies can produce, and the bolder the statements you are prepared to make, the greater their chances of being published.
Speed is a key factor. Once a major attack breaks, security reporters are seeking immediate expert commentary, so it is really important to get something out within the first 2-3 hours. If you are looking to further a story and need to conduct research, time isn’t as pressing - a day or two would be acceptable.
Interested in learning more about working with Si14 Global Communications’ cybersecurity team? Book a call here to find out how we can increase your media exposure.
Thought Leadership
Producing original research is by far the strongest route to establish and enhance your company’s presence in the media and build relationships with reporters. What type of data can you produce internally? How long does it take to produce? Do you have the resources to commit to the endeavor? Insightful research can be evergreen, meaning we can push it out to the media at any time, but you’ll get the best results if your research is strongly linked to the current news cycle.
It’s important to note that your research cannot be self-serving (i.e. the key takeaway cannot be: ‘buy our technology)’. Research should primarily bring new insights to broader issues as per these examples in Forbes and Dark Reading.
If your company is unable to commit to producing research internally, or the data wouldn’t be of interest to reporters, or it is too sensitive to share, you can commission a survey. This incurs a higher budgetary spend but it can often be very effective, particularly if you work with your PR agency on developing the questions. Again, avoid a self-serving focus. It’s really important that the focus of the surveys isn’t tailored to promoting your technology.
The majority of cybersecurity trade publications also run thought leadership columns, creating opportunities to elevate your personal and company profile with bold, informed opinions. Opinion pieces are usually around 750-800 words in length, need to make a clearly defined point, and express a unique point of view. The topic also must be relevant to the current news cycle. Op-eds can’t be used to directly promote your technology in any way as they are placed via an editorial team. Our team interviews our clients’ key executives to assess who has strong opinions and is happy to share them in public. We conduct interviews to draw insights that define the direction of the article.
Conclusion
Many cybersecurity companies are surprised that the vast majority of media are not interested in covering company or product news, except that of globally recognized companies. If you invest time and effort in building out news announcements that reporters simply don’t cover, you’ll be wasting precious resources with few results to show for it. Understanding the cybersecurity media market is essential to achieving PR success.