Public Relations

The Art of Cybersecurity Public Relations

By Caitlin New


The cybersecurity industry is on fire and has been for years. The crisis-fueled nature of cybercrime creates easy kindling for fiery headlines. But in 2020, cybersecurity public relations cooled significantly in favor of a different kind of crisis: a global pandemic. Cyber breach news moments that would historically dominate for weeks became second to COVID-19 headlines. Now, more than two years later, cyber-crisis coverage is slowly heating back up.

Last month alone, there were several high-profile security breaches of popular consumer services, such as messaging app Twilio, streaming media service Plex, and password management tool LastPass. Crypto is also getting its fair share of hacking heat, with endless attacks on moving cryptocurrency and experts saying they’re unsure if this is a war we can win.

So what is the public relations opportunity for cybersecurity companies? In a world full of crises, how do cybersecurity experts work with the media to clearly articulate a story’s importance and the relevance of their brand?

1. Play The Long (And Deep) Game with Cybersecurity PR

First, understand while the number of reporters covering cyber headlines is still rebounding, the depth of coverage has increased significantly. Cybersecurity journalists play an increasingly important role in combatting cybercrimes and fraud through their coverage, which helps bring critical information sharing across industries and consumer education.

Take WIRED’s Andy Greenberg, for example. His deeply researched investigation coverage into the Kremlin’s most dangerous hackers shows immense industry insight while also helping government and private industry leaders understand the extent of the threat nation-sponsored hacking brings to U.S. infrastructure.

Brian Krebs is perhaps one of the best-known and longest-standing cybersecurity investigative journalists, and mainstream media frequently tap him to help put breaking cybercrime news into perspective.

Kim Zetter, a freelance cybersecurity reporter and author who writes for New York Times, Politico, Washington Post, Vice and others, not only deeply investigates current cybercrime and surveillance news, she also interviews a diverse set of experts, including the hackers themselves.

For these in-depth reporters, your priorities should be educating and building relationships with them. Show that your experts can go beyond surface-level commentary and work with your media contacts to get into detail about hot issues and breach events. Help them see what’s important about today’s cyber trends so they can supplement their coverage with those insights. You’re aiming to be helpful over a long period of time vs. reaching out occasionally in hopes they’ll cover your latest product news—because they won’t do that. If you’re looking for product PR, you need to take this to the trades.

2. Place Importance on Security Trade Publications

Trades like Security Today, Security Magazine and Infosecurity Magazine have a more relevant readership base comprised of cybersecurity and other business professionals looking for actionable information they can use in their day-to-day jobs. These publications provide in-depth reporting on current cybercrime news, and they’re more likely to accept expert commentary in the form of op-eds or contributed articles. They also tap cybersecurity companies for explanatory quotes in articles that add color and unique perspective to their fact-based reporting. And product news certainly has a place here if it’s relevant and interesting.

Keep the following in mind when looking to earn digital ink in these publications:

  • Your angle must show a unique point of view. Yes, we all know most breaches occur because of compromised employee accounts and third-party vendor access. We’ve read ad nauseam about how cyber hygiene starts from the top and that building security walls around critical data isn’t enough to safeguard critical data. What else can you say about the real-world cyber challenges companies face every day?
  • Your product announcements need to fit into a big-picture story. Don’t just answer what problems or challenges your new solution solves; discuss the current landscape and what the solution enables now that wasn’t previously possible. Does it change the game for your customers? Or is it simply an update to an existing solution (not as newsworthy)? Paint the full picture for your trade media partners.
  • Connect with the reporters and read their content frequently. Don’t hit them up only when you have news or something to say. Read their coverage daily or weekly to better understand and spot when you can jump in and be a helpful resource. Connect them to other sources when you can, and aim to be helpful wherever possible. This will build a mutually beneficial relationship that will come in handy when there is a breaking cybersecurity event to which you’d like to respond.

3. Stay On Top of Breaking Cybersecurity Events and Emerging Trends

Successful cybersecurity public relations depends on your ability to quickly offer media contacts your company’s perspective on the news. Responding to an event within just a few hours can be the difference between leading a conversation and not being included at all. Poll your cybersecurity spokespeople well in advance of breaking news to identify their POVs and understand how you’ll be able to contribute to the larger conversation. Get spokespeople and leadership approval on response themes and processes so you can move fast—wait too long, and you’ll miss the train.

Be reactive with events but also proactive in sharing cybersecurity insights regularly. Industry intelligence and resources will be vital in getting regular coverage and boosting your brand’s credibility. Know you’ll rarely get customer examples or be able to provide deep insight into how your solutions work due to the secure nature of the cybersecurity beast. Therefore, industry intelligence and resources will be key to getting regular coverage and boosting your brand’s credibility.

For example, you can pursue data-based stories highlighting breach trends; forward-looking reports examining how the next generations of machine learning will impact cybersecurity; or stories that tie cybersecurity vulnerabilities to everyday life—like driving a connected electric vehicle or installing smart home devices.

4. Finally: Add Value, Not Noise

A word of caution: don’t be an ambulance chaser; ensure you’re providing consistent and helpful commentary and information in your cybersecurity public relations efforts. If you don’t have anything impactful to say about a cyber issue or trend, resist the urge to participate because you’ll just be adding noise. And when a breaking news event occurs, be the brand that adds value, not noise. Do this regularly, and your media contacts will come to you proactively.

For more tips on strengthening your cybersecurity PR program with earned media coverage, explore our interactive e-book: PR’s Guide to Media 2022.