Becoming a trusted adviser on cyber security
The media landscape
Data breaches, cyber espionage, global companies have hundreds of millions of records stolen; private celebrity naked pictures leaked online, Yahoo!, Target, TalkTalk, Wonga, Tesco Bank, CHANGE YOUR PASSWORDS!!!
It may be rambling and incoherent, but the short paragraph above is a relatively accurate summation of the increasing cyber threat we’re facing and the media coverage around it. To put this in context, we started writing this report before the huge ransomware attack that took place in mid-May, affecting 150 countries and severely impacting the NHS! This attack unsurprisingly has pushed cyber security right to the top of the international news agenda, but even before this, you could barely go a day without reading about a new high profile data breach. As consumers and businesses; we are constantly advised on how to combat the risks we face when it comes to cyber security, but the deluge of information can make it hard to know where to turn.
The evolution of the technology landscape over the last ten years has had a profound impact on the world around us and our daily lives: the way we connect with each other, gather information, consume content, even order food and arrange travel. In the oft-repeated mocking words of HBO show, Silicon Valley, in many ways, this technology has “made the world a better place”. However, with the advent and proliferation of connected devices and growth of the Internet of Things (IoT), technology is also increasing the threat vector, as entry points for cyber criminals have increased exponentially. This has in turn encouraged a worrying increase in the frequency and sophistication of attacks.
From a media perspective, the result of this is blanket coverage of the challenges around cyber security and the impact of high profile attacks, but also a multitude of voices competing for that trusted advisor position when it comes to cyber security. Getting your message heard depends on the fast moving news agenda, but also on tapping into the types of stories and commentary different publications are most open to.
This report looks at the titles with prolific cyber security coverage, the four primary areas of conversation in relation to types of threat, and how vendors can make the most of the current media appetite for this type of content.
The state of the industry
The increasing threat vector has meant an influx of security companies with different offerings and advice, competing for share of voice. For both consumers and businesses it has become extremely difficult to know who to listen to and what approach to take to best mitigate risk.
The advice is myriad and often conflicting – in the immediate aftermath of many breaches, consumers will be asked to change passwords and adopt tools like password lockers to ensure a variety of secure passwords are used across services. But then on the flip side, we are told that the username and password combination is not a secure method of authentication anyway and companies should be the ones to change.
However, this is by no means the only way that breaches happen. Phishing is still one of the most common ways of extracting money from organisations, and it was reported recently that even Facebook and Google were conned out of $100m in a phishing scheme. Failure to install software updates is another key area of vulnerability – indeed, it has been reported that the attack that recently hit the NHS (among many other organisations) propagated through security holes in Windows XP software that had not been updated.
It is the seeming inevitability of cyber-attacks which is fuelling growth with opportunistic companies even now running Google ad campaigns for their services around searches for ransomware following the most recent global attack. The state of the industry has a knock-on effect on media coverage and as a result, media appetite for advice and new security breakthroughs is only set to grow.
New technologies, new opportunities
The steady stream of new connected devices launching to market, consumers’ willingness to share sensitive data online, and failure to back up and secure technologies and online domains all combine to create an environment of opportunity for cyber criminals. Yet it has also opened the market for new entrants, able to develop and offer innovative approaches to bolstering cyber security. These include companies creating cyber security software and hardware, as well as those on the edges of the industry, which can take advantage of media interest through the sharing of innovative strategies to reduce risk.
A cyber-attack on a consumer or business can come from literally anywhere and it is increasingly difficult to keep up with the constantly evolving attackers. It’s clear that consumers (and many businesses) still need to be educated on security best practice, but the ways in which end-users should protect themselves comprises just one part of media interest in the sector. Talk has also now, quite rightly, shifted to the role of network and technology providers in the battle against the hackers. Software developers, as well as those specialising in areas such as encryption, testing and threat detection equipment, and skills and training are also muscling into the fray, vying to get their voices heard. This makes for one extremely crowded marketplace.
Editors and journalists covering this sector will likely have little difficulty in sourcing content; the trick for those companies looking to achieve coverage is to make their content stand out from the crowd, their pitch specifically targeted to the publication, and their messaging reach the most appropriate audience to help drive revenues.
With this in mind, and ahead of Infosecurity Europe 2017, Babel PR undertook in-depth research into how the media is covering cyber security, what this means for vendor strategies, and the immediate actions they should take to make the most of the opportunities this new landscape presents.
What does Google think?
In order to provide a view into cyber security in the media, we carried out a Google search to track and analyse media coverage of this field on a more granular level. Google dominates the news space, so if your news isn’t being indexed by Google, it is pretty much non-existent. The search engine’s notoriously secretive algorithms are now better than ever in their capability to distinguish between real news and aggregator sites, so what we found via Google News provided us with what we believe is a pretty accurate gauge of what’s being read, and where.
As a search term, ‘cyber security’ is extremely broad, so we narrowed this down and examined the results related to four types of threat which pose a major challenge to businesses and consumers, which have provided major talking points in the industry for some time, and which receive consistent media coverage today:
We carried out a Google News search on these terms, compared media coverage and drew conclusions, identifying where vendors could get the highest return on their communications spend.
To make the data manageable we placed the following restrictions on the search:
- Time period: Q2 2016 to Q1 2017
- Search: via google.com (rather than a localised Google search)
- Via a UK IP address
- English language only
There are millions of other articles that could be identified and analysed, but the content our search turned up is that which Google’s algorithms have judged to be of the most relevance and interest, in relation to these specific sector terms, and which continue to be indexed and delivered in the results despite the passing of time. Arguably, that makes these results the most relevant for vendors operating in the cyber security space.
Ransomware in the media
Even before the global ransomware attack that hit recently, this type of hack was increasing in frequency and hitting a range of industries; a recent report estimated a 600% increase in ransomware attacks between 2015 and 2016.
Our initial analysis took place from April 2016 to April 2017 (before the NHS attack took place) so let us first consider this analysis before looking at the days following the ransomware attack that hit 150 countries in May 2017. It was notable in our research that widespread and frequent occurrences of ransomware attacks in the real world do not necessarily translate into wide-ranging coverage of ransomware-related stories in the media world. Articles on ransomware occurred the most frequently of all four search terms, but there was little diversity in the types of publication containing this content.
B2B, technology and business press dominated, which is likely a reflection of the fact that ransomware typically poses a greater threat to corporations, rather than consumers. Pitching stories on ransomware to IT business press may therefore seem an easy win for companies looking to gain coverage. However, the sheer volume of similar articles in these types of titles could result in a company’s name and message getting drowned out in identical content.
Unlike the other search terms, stories on ransomware did not receive much pick up from consumer and national press. Again, this is likely a result of the audience, which are not usually the main targets for ransomware. This lack of coverage does not necessarily mean there is a lack of interest from these types of publications, for this type of content. A national press journalist, bombarded by cyber security content on a narrow range of topics may be receptive to content on the lesser-reported area of ransomware, but this will need to focus on news-worthy angles such as comment on breaking news, new threats uncovered, the cost implications, or other original data. Above all however, a consumer or human interest angle is required for a story to gain any traction.
Also lacking in our search results are publications aimed at C-level execs in industries other than technology. It is the audience of these types of publication which are in the direct firing line for ransomware attacks, so ingraining your message with this group could prove communications effort well spent.
On Friday 12th May 2017 the number one breaking news story across the world was the ransomware known as WannaCry attacking the NHS and companies in 150 countries, causing massive disruption to systems and services. Unsurprisingly, in the space of a few days this elevated the term ‘ransomware’ from the tech and security communities to the global consumer arena. Indeed, the sheer volume of media coverage of ransomware surged hugely in just four days and the titles leading the coverage in this period were no longer tech and security trades titles, but national and international news outlets such as Reuters, The Telegraph, The Guardian, Forbes and the New York Times (see figure below).
There is obviously a myriad of companies commenting on this breaking news, attempting to get voices heard with advice and what went wrong. When a story of this magnitude breaks on the global news agenda, gaining share of voice is obviously challenging, but there are also opportunities. The important thing is to remember to differentiate your opinion and often, giving a point-of-view specific to a vertical can work well with sector press.
Malware in the media
The growth of the IoT in recent years and, in particular the huge volumes of low-cost, low-security connected devices flooding the market, means malware is a widespread and persistent problem. It may therefore come of little surprise that malware was the second most prolific search term.
The types of publication most – and least – likely to cover articles on malware are similar to that of ransomware. SC Magazine, a global publication focused on cyber security news and commentary, is the most prolific publisher of stories of this type. As such a pertinent issue in the industry, the level of coverage by this title is to be expected.
More notable is the fact that, of the top five publications for this term, three are news-first titles, with a fourth, TechRadar, covering both news and reviews. The volume of coverage by news titles of malware-related stories implies a heavily saturated market, with most of the articles analysed focussing on breaking news about weaknesses in certain devices or new types of malware being detected.
Obviously malware is often involved in other cyber-attacks where tactics like phishing or ransomware are used to deliver malware. This means that this is the term which may require the most consumer and business education. This could be delivered through the media in terms of warnings about malware threats, tips on protection and understanding exactly where these threats originate from in the first place. The media appetite for education is clear and the BBC even published a cyber-attack glossary in the aftermath of the WannaCry ransomware attack.
With this in mind, pitching a press release with a malware focus – this could be a developer of anti-malware software, for example – is therefore unlikely to gain media traction, with editor and journalist attention instead diverted to more compelling news stories.
There is, however, ample opportunity for companies to get their voices heard in news titles through the use of ‘expert comment’. Pitching a comment from a C-level exec on the back of a breaking story on malware could provide a route to those titles which frequently feature content of this type. With plenty of competition in this area, comment must stand out: honest opinion, devoid of technical jargon or marketing fluff, will likely go down well with editors and journalists looking to add depth to a news story.
Phishing in the media
Phishing scams involving email attachments are the main delivery vehicle for malware, according to Verizon, and attacks are widespread; a worrying 85% of organisations admit to having been victims of such hacks. No industry seems to be immune, and whilst this activity was once focussed primarily on financial institutions, other industries are now under fire.
Phishing grew by an average of more than 33% across the five most targeted industries. These have grown to include webmail/online services, payment services, ecommerce companies, and cloud storage/file hosting services, with this latter sector expected to replace financial services as the number one target of phishing.
It may come as a surprise, then, that our Google research found this to be the least covered of all four search terms. The disparity between the appearance of this and the other terms was also greater than that between any of the other three. In addition, the titles which did feature articles on phishing showed comparatively little variance; national/consumer press did not feature at all in the top 15 publications and news-first platforms were also comparatively scarce. Further, our results included a higher volume of technology focussed publications compared with the other search terms. One notable exception in the top ten is Fortune, potentially demonstrating the importance of this issue to big business, given the readership of this publication.
The absence of national/consumer press among those titles most frequently featuring this term is notable however. Of the four areas of cyber security we looked at, phishing is likely the area which consumers are most aware of, as many have been direct recipients of scam emails. Could it be that the ubiquitous nature of such attacks means that consumers are now au fait with this idea, and editors therefore see content related to phishing as being less likely to attract readers, or make for a compelling story?
On the other hand, companies could see the lack of national/consumer media coverage of this search term as an opportunity to get noticed in a widely-read title. Whilst there may not be anything new about phishing scams in general, hackers will always find novel approaches to target a wider range of industries. This means comment pieces and ‘top tips’ style content could provide a company with a more unique content pitch.
The lack of diversity in the type of titles which feature stories on phishing implies that companies which operate in this area could do well to cast their net further afield, including different content targets in their PR and communications campaigns. Targeting those industries which are reportedly part of the top five to be affected by phishing could also offer good return on your communications spend. B2B titles for the finance and ecommerce industries, for example, may be receptive to this type of comment, with vendors providing tips and guidance on falling into common traps. This could provide an effective platform for a company to make its voice and message heard away from the competition, and build media relations in new sectors.
However, like ransomware, since we conducted our analysis in April 2017, phishing has had a high profile shot to its news agenda value with the aforementioned story of Google and Facebook falling victim to a $100 million phishing scam. This has again piqued the interest in the national and international news agenda and led the Guardian to ask “If Google and Facebook can get scammed, how do you protect a small business?” Again, this shows a renewed appetite in the news agenda for a different perspective and advice on how to protect against a threat which is not necessarily new – a particular opportunity for small business and vertical focused press.
Spyware in the media
2017 brought a number of widely reported incidents on devices ‘spying’ on users. These included the highly cited report from WikiLeaks which detailed the CIA’s strategies for hacking smartphones and connected TVs and listening into the conversations of their owners, effectively transforming them into next generation bugging devices. The past 12 months have also seen repeated criticism – widely relayed by the media – of Google’s Android OS. Many apps were found to have bypassed security checks and to contain hidden spyware which, among other things, could track a user’s location.
Our research found content on spyware as a search term to fall behind both ransomware and malware in the level of frequency of media coverage of such content. As with all the search terms we analysed, both SC Magazine and The Register fell into the top five most prolific publishers of spyware-related content. In the case of this search, they dominated in their coverage, though content of this type is also of interest to consumer/national press, with BBC news featuring in the top ten.
Aside from the top two, there was a similar level of coverage of spyware related content in the subsequent five publications. These were all – unsurprisingly – business technology or security titles, aside from one: Motherboard. This is a sub-division of vice, and like its parent channel, targets a millennial audience with investigative reporting and multimedia content. In our research period, only one other search term – malware – was associated with this publisher.
The inclusion of Motherboard in our findings and its seeming interest to publish content on topics such as spyware highlights a potential opportunity some companies may be missing out on. Those wishing to reach a younger demographic may do well to extend their usual press lists to include more youth-oriented, edgy publishers such as this.
Most B2B and technology publications feature the standard mix of press releases, news and articles written in-house (though these are featuring less and less) as well as contributed features or blog post from vendors. Publishers like Motherboard on the other hand are generally more creative in their content output. For instance, a quick look at the ‘spyware’ results from Motherboard reveals a recent story-like series on the topic, as well as long-form features written by activists and journalists.
Many vendors likely see contributed articles in technology magazines as any easy way to get their voices heard. Indeed, the top ten titles which covered ‘spyware’ demonstrate continued appetite from such publishers, providing an easy content sell for vendors. This traditional content strategy does work, but vendors would also do well to diversify and complement this with new targets. Those Motherboard articles on spyware may not have been written by vendors, but in an examination of a sample from our results, many include vendor comment. Further, this comment arguably has more weight and credence than the traditional vendor-contributed features, given that many state that the quotes originate from interviews, and are mixed in with opinion from across the industry.
The issue of cyber security
The cyber security shock
In the past three years a number of factors have been increasing at a rapid rate: technology penetration (including in developing regions), the shift of data and resources to the cloud, and the number of technology-proficient people (and therefore those more easily skilled in hacking techniques). Meanwhile we have also seen the development of smart devices with lax security features, the growing sophistication of hacking techniques, the willingness of technology users to give up sensitive information, the bring-your-own-device trend in work places: the list is extensive.
Major news stories on the compromised security of well-known brands and individuals, as well as shocking, attention-grabbing type headlines (‘your smartphone is spying on you!’/ ‘bank cyber-attack affects millions!’/ ‘election hack!’etc.) mean that this is a subject which will likely stay in the public spotlight for some time to come.
As a result of this type of news coverage, cyber security vendors looking to publicise a press release on their latest solution may find little pick-up, with titles instead focussing their attentions on more newsworthy content with a human angle.
Most high profile security companies are concentrating on consumer-facing issues to generate a lot of their prominent media coverage, focusing on comment around data breaches and other impactful issues. While there is clearly a need to focus a substantial element of any PR campaign on consumer issues to win further share of voice in high profile media, a different approach is needed to make companies stand out in this crowded market.
Vendors should not lose sight of their target market either: whilst it may be a boost to the ego to see your company’s name in print in a national title, this will mean little to a readership with only basic knowledge of these issues. B2B titles and niche technology publications are worthy targets, though the sheer volume of cyber security content here means vendors must be original when it comes to content type and pitches.
Rather than jumping on the back of those headline-grabbing news stories, companies may do well to look ahead to issues and events which have a more direct impact on a business/technology readership – i.e. those people which are more likely to invest in your product or proposition. The General Data Protection Regulation (GDPR), an EU regulation which was approved last year and which must be ratified into member country laws by 2018, is one such example. Content can be generated around this issue, including messaging around a company/product in relation to the challenges associated with compliance, and hit a vendors’ target audience. Similarly, key cyber security events in the industry calendar can be utilised as means of sourcing content and reporting on key discussion points.
Vendors across the cyber security industry would do well to adopt a PR and communications strategy that involves actively seeking out timely developments and breaking news, which can be used as a vehicle for boosting coverage, in addition to providing a steady stream of thought leadership and issues-based comment to media to ensure a roadmap of coverage before, during, and after key shows on the cyber security calendar.
Content creation to drive PR
To stand out in a saturated market, vendors must take a fresh approach to content creation. Case studies, comment, profiles and press releases may still hold their weight in other B2B markets, but the sheer volume of content in the cyber-security space means other approaches must also be explored and exploited, such as video, long-form stories and investigative pieces. Relationships should be established with titles outside of the B2B world, to establish your brand as a go-to source for journalists looking to add colour to news and features.
As with the majority of B2B industries, whilst a vendor may wish to focus content on their product/solution, a B2B editor (and reader) will be far more interested in the human element, and how and why a product/solution impacts the industry. Instead of ad first, story second, content should be grounded in storytelling and include customer/user experiences where applicable. This will drive readers to a publication and build momentum around a vendor’s brand identity or messaging.
As mentioned at the outset, consumers need to be educated on current and future cyber security threats. As a company operating in this space, it’s no longer enough to use content as a platform to sell a product. As a result of increased awareness – and increased frequency – of attacks, all four of the keywords in our search are gaining traction with consumer and national media, and interest from all titles has increased dramatically in the last year alone. Consumers are receptive to guidance, so use content to educate; this has the added bonus of helping to position a vendor as an expert or thought leader in this space.
Companies love a product press release. In many B2B sectors these provide the bread-and-butter of the trade press. Our results have shown strong pick-up of all four search terms in news-first titles, however, this news coverage is dominated by compelling stories of high-profile hacks, big money losses, and security breaches with a high victim count. As such, a product press release from a vendor will see little pick-up.
Getting your voice heard
There is significant value for companies operating across the cyber security landscape in adopting a multipronged PR approach. To capitalise on the opportunity presented by the various subsets of the cyber security sector, vendors need to think outside the box to beat the competition, taking advantage of the opportunities the media landscape currently offers around these key terms.
Having said that, traditional approaches to traditional targets should not be forgotten. PR/media relationships with B2B publications remain essential, and should not be left at the wayside by vendors scrambling for national press coverage. Whilst requesting that editors include a backlink in a piece of submitted content can often fall on deaf ears – especially if a publication’s editorial guidelines prohibit this – B2B publications will always be more open to this than other media. Commercial relationships with B2B titles, whether based on ad spend or event sponsor/partnership should also be established and nurtured as these will likely affect an editors’ willingness to link directly to a contributing vendor’s website.
In light of our recent research into media coverage of the cyber security industry, we’ve drawn up a brief list of key takeaways. These can be taken on by any vendor and incorporated into PR and communications strategies to ensure success in an industry where media interest continues to grow.
- Make content original. Cyber security issues are covered by a diverse range of media; experiment with different content forms to go beyond traditional targets.
- Avoid tech jargon. Consumers may be increasingly falling victim to cyber security incidents, but this does not make them tech experts. There is ample opportunity to pitch to consumer/national press titles, and if a vendor takes this route, language and tone must be adjusted accordingly or else messaging will be lost.
- Make the news agenda your agenda. Cyber security threat is a global issue, with developments and breaking stories occurring worldwide and covered by global news media. Being alert to news announcements and responding quickly are of the essence: you want your CEO’s comment to be the first a journalist sees when they check their inbox.
- Don’t always go for the easy win. A title which regularly covers a certain type of cyber security story may seem like the best vehicle for your company’s message, and also the easiest to pitch to. However, content can easily get lost in a sea of similar voices and messaging. Instead, it’s worth exploring those publications where cyber security content is present in lower volumes.
- Go for the C-level. Cyber-attacks cost UK businesses almost £30 billion in 2016, so your advice, guidance – even shameless product plugs – will likely be welcomed by company execs. Include titles aimed at a C-level readership in content pitches.
- Ensure output of a steady stream of media announcements to drive media demand and build a drumbeat of on-going activity.
In our experience, unless funds are unlimited, there is no better way to gain and sustain attention and interest.