May 3rd 2019

Babel talks security and crisis comms at the Churchill War Rooms

Former British Prime Minister Winston Churchill once said:

Success is not final; failure is not fatal: it is the courage to continue that counts. If you’re going through hell, keep going. Never, never, never give up.

Of course, Churchill was referring to the arduous times of World War Two, one of the ‘deadliest conflicts’ in our history to date. But almost 75 years on from the end of the war, Churchill’s words still ring true. But today, the battleground has changed – we’re now fighting a fierce cyber war, with hackers, nation states and cyber terrorists putting businesses and their customers through so-called ‘hell.’

So, it seems fitting that yesterday morning, the Churchill War Rooms – an underground bunker that became the heart of Britain’s military operations during World War Two – became the backdrop for a breakfast event Babel held discussing this new cyber battleground and how businesses can effectively navigate it.

Overlooking a crowd packed with comms and marketing professionals within security and IT organisations, Babel Director Jenny Mowat kicked off proceedings, explaining our motivations behind holding the event. The stark reality is, security breaches are a matter of when, and not if, for companies of all size and sector globally. In 2018 alone, we witnessed just shy of 1000 data breaches taking up column inch after column inch in media outlets, and consumers were left scratching their heads as to why their favourite brands didn’t really seem to care about their personal data being stolen by hackers.

This prompted GDPR – legislation that would force organisations to think again about how they were securing sensitive information, or else face the legal and financial consequences. Almost a year on from it becoming law, we’re still seeing businesses struggling to become compliant, and Brexit may complicate matters for organisations that move data between the European Economic Area and the UK.

Hackers don’t always have the same goals and motivations, but if organisations have valuable data to lose, they can and will target them for their own gain. So, if you know your business could be a target for cyber-attack, what can you do to limit the damage to your organisation, employees, customers and bottom line? How can you salvage your reputation? As an outsider looking in as companies are breached, how can you add valuable insight to the debate when speaking to media?

With those questions in mind, we turned to our esteemed panellists to provide some food for thought for our audience. The panel, made up of Sophie Curtis, Technology and Science Editor at The Daily Mirror, Danny Palmer, Senior Reporter at ZDNet, Jack Stubbs, European Cybersecurity Correspondent at Reuters and Dan Raywood, Contributing Editor at Infosecurity, had some interesting insights to share about how to approach their respective publications, either with comment on another company’s security faux-pas or information on your own organisation’s breach.

The common themes from all panellists were:

  • Don’t fob journalists off – be open, proactive and willing to share information (provided it’s factual and you’re able to share it) if you’ve been breached or hacked.
  • On the flip side, if you’re commenting on another company’s incident, be opinionated, colourful with your language and available should the journalist want to speak to you further.
  • For the likes of ZDNet and Reuters, unless you’re the company who has been breached, or you have specific and unique insights into an incident, then don’t bother hitting send on that generic comment you’re blasting out to everyone. It won’t get you coverage.
  • Jack Stubbs of Reuters likened unsolicited comments from unknown companies to ‘someone you don’t know offering you a sandwich on the street.’ Would you accept that sandwich?
  • For pitching contributed articles to Infosecurity and similar titles, exclusivity is the word of the day. Don’t pitch the same topic to five publications, and don’t offer a theme that has been exhausted on the website already. Pick a new angle– this will grab the attention of the editors.
  • Pack your content with opinion rather than context – the more opinion, the better.
  • Know the readership and remit of the publication you’re targeting and ensure you have something to add to the narrative before you pick up the phone to media.

After the panel discussion, we then divided attendees up into three groups, and provided each with a specific task: you’ve either been breached, or you’re a company that wants to comment on a company that has suffered a breach. If you’ve been breached, how do you tackle the media? Which stakeholders do you need to speak to and when? What steps do you need to put in place to remedy the situation and stop it from snowballing? If you’re commenting on someone else’s potential demise, what sort of comment would you put together? Would you even comment at all? Who would you target? All of these questions and more were explored in a peer level workshop discussion and concluded with a Q&A of our panellists on a variety of topics, ranging from Huawei to dream spokespeople.

All in all, the event was a fantastic platform to bring journalists and companies together to dispel some myths and inform one another on concerns, challenges and how to cut through the noise of a very saturated, fast-paced sector. We thank everyone that was able to join us yesterday at the Churchill War Rooms, panellists and attendees alike! If you weren’t able to attend, and you’d like to speak to Babel about our crisis comms packages, our work with clients in the security sector, and how we achieve cut-through with a breadth and depth of media, then please do get in touch and we’d be happy to help!


Sarah Alonze
Sarah Alonze DIRECTOR