Cyber-security marketing and PR: staying ahead of the game


By in Vertical content hubs
On October 10, 2021


Quick Links:

    1. How your cyber-security marketing can make an impact in 2021
    2. The biggest data breaches of 2019 and their PR responses
    3. Talking TechComms: cybersecurity awareness month
    4. Why having shy customers doesn’t have to hinder your cyber-security marketing strategy
    5. Solving the internal communications gap
    6. Why clarity in external cyber-security messaging is key
    7. Cyber-security marketing: Building out a spokesperson matrix
    8. Do cyber-security brands need to maintain a serious tone of voice?
    9. Talking TechComms: Building a cyber-security brand
    10. Landing a media briefing at cyber-security trade shows like Black Hat

How your cyber-security marketing can make an impact in 2021

By Sam Pudwell

We know that 2020 was a testing year for marketing and communications professionals. Brands had to pay especially close attention to the tone, authenticity and ‘humanness’ of their messaging – which some managed more effectively than others – while considering how Covid-19 impacted the language they use.

It was also never more important to engage target audiences in a way that addressed their specific needs and concerns. The challenge is that these can be significantly impacted by disruptive events like a pandemic, which is exactly what we saw in the cyber-security industry.

As a result, cyber-security companies had to adapt throughout 2020 based on customers’ evolving requirements. This, combined with the increasing level of competition in the industry, is putting pressure on cyber-security marketing teams as 2021 gets underway.

Shifting customer needs

Throughout last year, businesses were forced to react in different ways to keep themselves afloat during the pandemic. The most obvious was the need to adapt operations to cater for remote working when lockdowns and social distancing measures were introduced. As a result, business priorities related to cyber-security shifted.

In a nutshell, businesses became significantly more exposed to cyber-threats. McKinsey explains: “They have been monitoring spiking threat levels, including a near-sevenfold increase in spear-phishing attacks, since the pandemic began. Remote workers are also being bombarded with attacks based on COVID-19-crisis themes that are taking advantage of delayed updates to email and web filters, and using social engineering to prey on workforce concerns.”

Budgets have also been affected. On the one hand, many businesses are planning for an enforced period of austerity, with more than 70% of security executives believing their cyber-security budgets for 2021 will shrink.

But on the other hand, certain industries are having to up their investments. The insurance, public sector, technology and financial services sectors are expected to slightly increase their cyber-security spend over the next 12 months, with healthcare set for an even greater increase. In terms of products, network security, endpoint security and identity & access management will draw the biggest spend – representing the growing need to safeguard remote workers from heightened attacks.

This all means that the messaging used by cyber-security companies had to shift throughout the year in line with these changing needs and challenges.

Heightened competition

Although the intense level of competition in the cyber-security sector is nothing new, it jumped to a new level in 2020. As explained above, this was partly due to the accelerated demand from a wide range of businesses amidst the shift to remote working – which will continue throughout 2021.

But it’s also because there are now fewer touchpoints to engage potential customers. The lack of industry trade shows and opportunity to physically meet prospects has pushed everyone online, meaning cyber-security companies are competing for attention in fewer channels.

Digital fatigue is a very real issue – another webinar, anyone? – and brands are having to work harder to get their voices heard. This is one reason why b2b marketing is becoming increasingly indistinguishable from b2c marketing, in an attempt to sway customers with more entertaining, engaging and emotional content.

Ultimately, companies now have to work harder than ever to build their brands and stand out in the crowd. But, when it comes to cyber-security marketing, there are a few tactics that will help them make an impact in the new year.


The first step should be to focus on building trust with customers and prospects by being direct and honest in all communications. Brands must demonstrate a knowledge of customers’ evolving pain points in a way that is clear and easy to understand. So ditch the jargon, and make it easy for potential customers to trust you.


Linked to this is the importance of being human. As prospects are being bombarded by marketing messages, cyber-security companies must find a way to connect with them at a more personal level. Try using more emotive content, show empathy and acknowledge the difficulties businesses are facing.


Companies still have a tendency to produce cyber-security marketing messages that promote fear, uncertainty and doubt (FUD). Scaring people into doing business with you is no way to build a brand, and could potentially backfire. Cyber-security companies need to address current realities in a way that’s educational and solution-oriented, and not fear-monger.


Finally, make it real. With customers under pressure to keep their businesses moving amidst so much disruption, they need to be confident that your product or service will deliver. Use case studies, customer stories and other proof points to demonstrate the tangible benefits you can provide and bring marketing campaigns to life.

2020 clearly demonstrated to businesses that being able to quickly adapt brand messaging based on what’s going on in the world around them is vital. This flexibility, along with the ability to create content that resonates with customers, will be key for cyber-security companies in the months and years to come.

Back to Top

The biggest data breaches of 2019 and their PR responses

By Lauren Johnson

As the new year begins, it’s a time for reflection the highs and lows of 2019. While many companies surged ahead with new product offerings, major funding rounds and record-profits, some others had to face one of the more sobering realities of our time – data breaches. As the majority of transactions and personal data storage have moved online, data breaches have unfortunately increased in regularity and magnitude. The appropriate response from affected companies – from a PR perspective – however, has remained the same.

We’ll be taking a look back at a few of the biggest breaches of last year and analyzing how the affected company responded from a PR perspective. We considered the following factors:

Capital One

As seen from these examples, a forthright and honest approach that puts the affected parties first is ultimately the best approach for brands facing a breach. Even that can’t always prevent negative fallout, especially when breaches affecting the sensitive data from hundreds of millions of customers are concerned. While the best solution for companies will always be to prevent breaches in the first place with better cybersecurity defenses, they should still have a crisis PR plan in place and spokespeople prepared to comment in case the unthinkable occurs.

Back to Top

Talking TechComms: cybersecurity awareness month

By Sam Pudwell

Taking place every October, cybersecurity awareness month is a collaborative effort between government and industry to raise awareness about the importance of cybersecurity. It was started in 2004 by the USA’s Homeland Security, but has since been adopted by social media and IT security professionals around the world.

Awareness months such as this provide an opportunity for brands to engage a wider audience and use the topic as a springboard to boost their social reach. However, they have to be approached in the right way. With so many businesses competing for attention, just posting content for the sake of it isn’t going to have an impact.

In the latest episode of the Talking TechComms podcast, we spoke to London lorry Jacob Greenwood to get his insights into how businesses can successfully cut through the noise of Twitter awareness months. Check out what he had to say about formulating the right strategy, providing value for audiences and maintaining long-term momentum.

Back to Top

Why having shy customers doesn’t have to hinder your cyber-security marketing strategy

By Sam Pudwell

As we all know, the trusty customer case study is an important component of any PR or marketing campaign – no matter what the industry.

Case studies help businesses demonstrate how their product or service has been successfully implemented by customers. They provide an excellent proof point for a product’s value in a certain sector, and highlight how it can be used to address a specific business issue.

Instead of just talking about a product in theoretical terms, case studies allow brands to showcase practical applications. Most importantly, they help bring a (potentially dull) product to life by letting brands tell stories that are much more engaging than another self-serving press release.

However, not all industries have it easy where case studies are concerned. For example, finding customers willing to be used as case studies is notoriously difficult in the cyber-security space, primarily due to the sensitive nature of the topic.

So, how can brands use customers in their cyber-security marketing and PR strategies without placing them under the spotlight? Here are a few options.

Use their data, not their name

Virtually all modern cyber-security products collect a huge amount of data from the analysis of things like network traffic, device performance and employee activity. So, even if you can’t use a customer’s brand name, you might be able to use their data (with their permission, of course) to talk about what’s happening in the industry, or point to trends that align with your marketing messaging.

For example, a customer might have suffered a rare type of attack, or a variation of an existing threat that hasn’t been seen before. Or, multiple customers operating in the same industry might have suffered a similar attack within a short timeframe, suggesting that a specific type of company is being targeted.

This is all interesting data that could be used as part of a PR campaign addressing the wider threat landscape (think press briefings and speaking slots), or simply as a one-off piece of content like a blog or press release to showcase your expertise.

And the best part is that it can all be anonymised, so the customer in question doesn’t have to worry about its name appearing across cyber-security publications, blogs and social media feeds.

Remember, just because you can’t use a customer’s name, it doesn’t mean they can’t be useful in other ways.

Make the most of awards season

Another extremely effective way of showcasing and validating all the great work you’ve done with customers without publicly naming them is to enter into industry awards.

With competition in the sector continuing to intensify, industry awards provide a valuable opportunity to illustrate your cyber-security brand’s expertise. They also help to build credibility and authority, providing third-party endorsements that add weight to any PR or marketing strategy.

Winning (or even just being nominated for) an award from a respected industry body proves that your product really is as good as you say it is, which builds trust with both current and potential customers.

Most importantly, the finer details of the entry and the work you’ve completed with a customer can be kept private, so that they are only read by the judging panel. This enables customers to be used as part of your cyber-security marketing strategy, even if they are concerned about revealing business secrets to media.

Plus, who doesn’t enjoy a glass of prosecco and the inevitable shrimp cocktail that comes with attending an awards evening?

Get persuasive

Finally, it’s always worth trying to convince any reluctant customers about the benefits of taking part in a case study. Just remember to keep the following tips in mind:

Ultimately, it will always be tricky for cyber-security brands to find customers that are willing to be used as case studies. Cyber-security is a sensitive area, so many companies are understandably reluctant to talk about their experiences openly.

But, by thinking about how customer stories can be used in different ways – such as in award entries or through the collection of data – cyber-security brands can bolster their marketing strategies and get even more value out of their customer relationships.

Struggling to make the most of your customer references? Get in touch at to find out how we can help make your customers a central part of your cyber-security marketing strategy.

Back to Top

Solving the internal communications gap

By Emma Davies 

It seems we can’t go a single day without an unsuspecting Brit transferring every penny they own to a cyber-criminal. Whether it’s a fake millionaire on Tinder stealing $200,000, or a cyber-savvy team of investment charlatans convincing pensioners to part with their life’s savings, being a hacker really is a full time job.

Unfortunately, it’s an even bleaker picture for businesses. Small businesses are the subject of repeated cyber-attacks, with almost 10,000 attacks happening every day according to the Federation of Small Businesses.

From a cyber-security marketing perspective, the widely documented cyber-security skills gap across the nation has forced vendors to push themselves to the limit to capture the attention of the b2b enterprise market. For any ambitious cyber-security start-up, it’s an obvious choice to get the PR machine up and running: but a not so obvious choice as to when, or how to position the company.

Perhaps most importantly, it can be hard to know how to come up with a PR strategy that pleases everyone internally. For example, the staff actually working on coding and developing the product will probably want to tell a different story to the less-technically savvy sales and marketing departments, which can result in a confused message and impact stakeholder buy-in.

Due to the competitive nature of funding and the reliance on pleasing investors and the unpredictability of product development, cyber-security marketing teams can often find themselves between a rock and a hard place when it comes to getting everyone on board internally with PR across the business. So how can it be done, and what should you consider?

  1. Involve your security developers from the get go in a way that makes sense. Broad, brush stroke marketing statements do not often sit well with people who’s job it is to be the devil in the detail. Think about how they can contribute to the overall vision in a way which plays to their strengths and is likely to generate external engagement. For example, developing comments to respond to breaking news of cyber-security breaches, specifically how they could have been prevented, is a good way to showcase technical expertise and be useful to journalists.
  2. Find out what the investors and board members are looking for. Investors can often instigate a PR agenda by saying things like “We’d like to be in the Financial Times” or “XYZ is on the BBC, why aren’t we?” There needs to be a level of education on how to go from zero to hero, and a decent tech PR agency should be able to craft a plan to get there to keep those holding the purse strings on side. Managing expectations with an evidence-based strategy will be important in building momentum.
  3. Decide how PR will support sales. PR budgets can often be limited, which means it’s crucial to nail down what you want from activity. Driving sales, or lead generation can be a good way to focus PR content creation on the buyer audiences’ trade titles, and tools such as paid-for targeting on social media can stretch this content even further. But time spent on brand awareness in higher tier publications can also be reusable for sales meeting and funding pitches, so it’s crucial to decide early on where you want to focus your budget and the PR effort.

In traditional b2b tech PR, we often let customers do the talking on vendors’ behalf – as there is no greater validation than a happy customer. But we know this is not always possible in the security space, which means a renewed effort needs to be made elsewhere.

Crucially, the approach needs to be agreed internally to generate buy-in across the entire organization. If some kind of consensus can be agreed upon at the start of a campaign, it will allow you to put your best foot forward and use a PR agency in the most efficient way.

If you’d like to discuss further, feel free to email one of our cyber-security experts at

Back to Top

Why clarity in external cyber-security messaging is key

By Francesca D’arcy-Orga

From phishing and worms, to SIM Swap fraud and trojan horses, the cyber-security industry is filled with enough buzzwords and jargon to make your head spin. When you add in all the acronyms (IoT, BYOD, DLP, SIEM…), trying to navigate the world of cyber-security messaging can feel like peering through murky waters.

At the same time, cyber-security is now a top priority for businesses, as a security breach can have huge financial and reputational ramifications. Consumers are also becoming more cyber-security conscious, as conversations around breaches and data privacy regularly hit mainstream headlines.

For cyber-security companies, it can be easy to forget that not everyone is as immersed in the industry, or as familiar with the language, which is why it’s important that external messaging is jargon free and easy to understand.

Here are three reasons why clarity in your cyber-security messaging is key:

Our attention spans are getting shorter

The internet is awash with stats about our decreasing attention spans. As recently as June this year, a major study from academics at Oxford, King’s College London, Harvard and Western Sydney University found that using the internet is physically changing our brains, making our attention spans shorter and our memory worse.

In the digital age, we’re all constantly bombarded with stimuli. As content of all varieties becomes increasingly abundant, the human attention is pulled in every which direction, so should be treated as a scarce commodity.

For this reason, cyber-security messaging has to be as easy to understand as possible. People don’t have the time to try and decipher acronyms or unnecessarily technical language, so cut to the point and keep it simple. Whenever someone clicks off your content, you’ve missed an opportunity to create a connection, which is especially frustrating when it can be easily avoided!

Your audience is bigger than you think

Many companies can tell you in a heartbeat who their target audience is, whether that’s the CIO, CTO, senior decision makers, or “the person who manages the budget”.

But your audience is usually bigger than your sales prospects. What about the panicked CEO whose business has just been hacked? A journalist who’s researching for an article? Someone who’s gone down a rabbit hole and stumbled across one of your blogs?

All of these people will have a different level of understanding about what you do and the industry you’re operating in. Therefore it’s good to tailor your content so the messaging is appropriate for the relevant audiences. A news-hijacking comment delivered to mainstream media should have a different tone to a whitepaper for prospects, for instance.

At the end of the day, if your messaging is confusing and hard to understand, people are more likely to click away from your content and head to a competitor.

There’s too much at stake

Cyber-criminals are becoming more savvy, breaches are a regular occurrence, and enterprise and consumer data is under constant threat. As such, it’s never been more important for people to have a basic understanding of cyber-security.

Everyone in the industry—from security analysts, to CIOs, to journalists—has a responsibility to ensure they’re educating people on threats to look out for, and steps people can take to ensure hackers aren’t given the upper-hand. Jargon-free, easy to understand messaging is essential to this education process.

Other quick tips for improving your messaging include:

It’s no secret that cyber-security is fast becoming one of the most important issues for businesses and consumers, meaning clarity of messaging has never been so essential. After all, why should people take your advice or buy your product if they can’t understand even what you’re saying?

If you need help developing jargon-free messaging for your cyber-security company, get in touch!

Back to Top

Cyber-security marketing: Building out a spokesperson matrix

By Joel Khalili

For cyber-security brands, strength and depth are equally important when it comes to building out a spokesperson matrix.

As the public faces of the company, spokespeople are central to defining a brand’s voice and public perception. For this reason, selecting precisely who to put in front of press is a decision well worth taking time over.

Building out a spokesperson matrix is all about balance – between technical and non-technical expertise, too many voices and too few, individuals with passion and those with poise.

It’s also important to assess each opportunity as it comes, and ensure the best equipped and most suitable spokesperson is selected for the specific instance.

With all this in mind, here are a few key considerations for any cyber-security brand looking to build an industry-leading spokesperson line-up.

Variety is the spice of life

For many cyber-security marketers, the temptation can be to lean on a single individual for all press opportunities. Start-ups and scale-ups in particular tend to rely on the founder or CEO to spread the company word.

This inclination is perfectly natural. After all, it’s logical that the most high-profile member of an organization should be at the heart of its PR efforts. It’s also true that press are interested in speaking with decision makers, which means founders and CEOs are sensible candidates.

However, the range of discussions that take place within the cyber-security industry – from security and compliance, to the technology, to the human right to privacy – means it’s important for brands to provide varied, credible perspectives. Relying on one spokesperson alone for all press opportunities can bring about difficulties further down the line.

If journalists only ever hear from one individual, they can become reliant on that person and unwilling to hear from anyone else within the organization. After all, if they’ve enjoyed unchecked access to the CEO in the early stages of the organization’s development, why should they be persuaded to engage with anyone else?

Relying on a single spokesperson is also to neglect the depth of talent and expertise across a cyber-security business. Raising the profile of a variety of spokespeople from different areas of the business – technical, analytical and high-level – allows a cyber-security brand to paint a more complete and coherent picture of the challenges it is seeking to address.

However, there is one exception to the rule: broadly, journalists don’t want to hear from sales personnel. No matter how articulate, charismatic or credible the salesperson, the title triggers a suspicion that’s difficult to move beyond.

The right tool for the job

As with anything, it’s important to use the right tool (or in this case, spokesperson) for the job. Each media engagement is different and should be treated as such when it comes to selecting the most appropriate spokesperson.

For example, a written comment for a security publication on a breach resulting from a system vulnerability would represent a great opportunity to utilise the expertise of a technical spokesperson. Not only is the head of research, for instance, more credible than the CEO in this scenario, but they’d also be capable of providing more specific insight into the issue.

On the other hand, if a tech publication is looking for a perspective on the human issues at the heart of the cyber-security industry, or insight into the broader direction of the business, then the CEO is the obvious choice.

It’s also important to consider the abilities and qualities of your spokespeople. For example, is the spokesperson comfortable in front of the camera or microphone, or would they be better suited to authoring a comment or article? Is the spokesperson’s passion for the product likely to cause problems in a situation that calls for a measured response? Is the spokesperson likely to get caught up in the technical detail?

Taking the time to think about questions such as these and ensure you use the right person for each specific situation can spell the difference between success and disaster.

In a nutshell

When it comes to building out a cyber-security spokesperson matrix and cultivating an authoritative brand voice, it’s vital to tap into the whole breadth of expertise within the organization, as opposed to relying on a single spokeperson to provide insight.

Take time to consider the strengths and limitations of each spokesperson, and the kinds of media each could most effectively engage with. When selecting which spokespeople to use for which media engagements, context is truly king.

Back to Top

Do cyber-security brands need to maintain a serious tone of voice?

By Dan Simpson

When it comes to b2b industries, a serious tone of voice has historically been the standard. In recent years, though, companies have begun to relax this policy in favor of a more informal approach. Marketers are increasingly turning their attention to the employees of target businesses, rather than the businesses themselves. The result is a much more personal approach to brand marketing.

However, cyber-security is one b2b industry that has broadly remained untouched by the shift towards a more informal marketing style. Cyber-security’s tone of voice remains serious, measured and corporate, which can make it difficult for brands to stand out in today’s wildly overcrowded market.

There’s a belief within the industry that because data privacy is no laughing matter, tone of voice should always remain serious. But is it time for cyber-security marketing professionals to reject sincerity and embrace variety?

What are the alternatives?

According to a study by Global Market Insights, the cyber-security industry is expected to be worth $300bn by 2024 – more than double today’s figure. It’s clear to all that the industry is growing rapidly and, as a result, new players are continually entering the fray, looking to topple established cyber-security brands.

Though growth is an indicator of an industry’s health, greater competition makes it challenging for brands to distinguish themselves. This problem is made worse by the consistency of the tone adopted by cyber-security companies, characterised by its seriousness.

Sincerity isn’t the only option when it comes to conveying the importance of airtight cyber-security. So, here are a few strategies to introduce variety and individuality to cyber-security marketing:

    1. Speak their language

It’s important to remember that behind every purchasing decision is an individual, or set of individuals, that a cyber-security brand must reach. These decision-makers are people like any other!

One way to ensure a brand is accessible and relatable is to use colloquial and informal language in marketing materials and on social media. This way, the brand comes across as genuine and approachable, rather than severe and robotic. Contrary to the established belief, an informal tone doesn’t affect a brand’s credibility.

It’s also vital to instil a genuine enthusiasm for the product in employees of the cyber-security brand. This belief and passion will communicate itself to anyone who interacts with a staff member, whether in-person or online. An interaction with an enthusiastic individual can be far more compelling than materials distributed via official channels.

    1. Make them laugh

Laughter is the best medicine…unless you’re diabetic, in which case insulin is pretty high on the list. You have Jasper Carrott to thank for that one!

cyber-security marketing Noble meme

Joking aside, humor has many benefits when it comes to cyber-security marketing. It can allow brands to:

For example, we’ve been exploring this approach with our cyber-security client Noble, in the form of a meme marketing campaign. As a result of introducing (topic-relevant) memes and a humorous tone to tweets and LinkedIn posts, we’ve seen a significant boost in engagement.

Humor is a fantastic way to imbue a brand with personality, but it’s also important to remember that it doesn’t fit all occasions. For the greatest impact, humor is best used selectively!

    1. Cut the jargon

Like most tech-related industries, the language of cyber-security is ever evolving, and new industry jargon pops up with each passing week. However, from a PR and marketing perspective, the influx of technical language means that brands can struggle to communicate themselves to those who don’t operate within the cyber-security bubble.

The varying technical knowledge amongst audiences means it’s crucial for cyber-security brands to adapt the language they use to the specific situation, and cut the jargon where necessary. Whilst a network engineer will understand the technical lingo, a CEO almost certainly will not. It’s equally important to cater to both individuals when considering your cyber-security marketing strategy, because both personas play an integral role in the decision-making process.

Honing in on the human impact of the product, rather than dwelling on its features or the technical specifics, is a great way to reach all stakeholders and audiences with a story that will resonate. Though not everyone understands the nitty gritty, all parties understand the significance of the right to data privacy and the potential consequences of a breach.

Why so serious?

So, there we have it! Though there’s certainly a time and place for sincerity, it’s important for cyber-security brands to introduce variety and personality to their marketing strategy in order to differentiate themselves from the competition.

Employing tactics such as using colloquial language, leaning on humor when appropriate and avoiding jargon where possible can go a long way to establishing a unique and nuanced voice – something that all brands are striving for in today’s crowded cyber-security market.

Back to Top

Talking TechComms: Building a cyber-security brand

By Joel Khalili

Executing an effective cyber-security marketing plan can prove quite the challenge in a market environment that is more crowded and more cynical than ever.

As a result of the introduction of GDPR and a spate of high-profile data breaches affecting some of the world’s biggest brands, today’s consumers have become hypersensitive to the uses and abuses of their data.

What’s more, the likelihood of suffering a cyber-attack is on the rise. It’s not a case of if an individual or organization will be affected by a cyber threat, but rather when, with a new report suggesting that small businesses in the UK suffer around 10,000 cyber-attacks every day.

All this means cyber-security brands face heavy competition and scrutiny – from both consumers and business customers. So, what’s the best way to set about building a cyber-security brand in today’s landscape?

Honesty is the best policy

The first thing to remember when it comes to cyber-security marketing is that building trust as a cyber-security company is all about being direct, straightforward and honest.

Many companies make grand claims about their ability to solve all the world’s cyber-security problems, but this is simply impossible. The heavy-handed marketing strategies employed by legacy brands aren’t proving as effective in today’s market, and businesses are no longer as receptive as they once were. In reality, honesty is the best and only way to build trust.

Due in part to its technical nature, the cyber-security industry has always struggled to effectively communicate itself. New jargon appears with each passing week and, by focusing too heavily on the technical features of their products, cyber-security businesses have a tendency to forget the human impact. Cutting through the jargon and drilling down to the central issue – the right to data privacy, for example – is central to a successful cyber-security marketing campaign.

In the b2b cyber-security world, trying to remember that there’s an element of b2c at play is important. If a brand’s content demonstrates an understanding of business and consumer pain-points, and communicates these on a simple and human level, it gives itself the best possible chance of cutting through the noise.

Understand your audience

For a cyber-security business, building trust and communicating value comes down to really understanding the target audience. The audience for a cyber-security brand could be broken down into three categories:

These categories cover all the individuals that a cyber-security brand needs to reach within a business, but there’s no single set of messaging that can be applied across the board. Each audience requires a bespoke approach, because they look at their own business from inherently different perspectives. For example, a high-level audience will be most interested in the return on investment the business is likely to see for a cyber-security solution, whereas a technical audience will be more interested in the nitty gritty of how the solution actually works.

The other factor to remember is that the b2b sales cycle is also far longer than the b2c sales cycle. While a watch or a phone might be purchased on a whim, cyber-security solutions involve a more considerable outlay and therefore decisions aren’t made lightly. This means it’s important for brands to deliver consistent content across the whole sales cycle, designed specifically to address the issues that most concern each of the three audience types.

Be brave and collaborate

Businesses look for a cyber-security brand that is credible, well associated and stands out in a crowded market. Indeed, this could be the difference between a brand becoming a market leader, or shrinking into obscurity.

The cyber-security industry has been having the same old conversations since its conception, so we believe it’s important for marketing to be bold and daring. Brands should take pride in being different, and can even be a little provocative where appropriate.

Another cyber-security marketing tactic to help brands stand out from the crowd is to embrace collaboration. When building technology or software, collaborations can be extremely beneficial from both a technical and reputational standpoint. Collaborating with other well-known companies adds authority to a brand’s position, and shows that a business is transparent and open to conversation instead of being a closed book.

Finally, demonstrating an openness to collaboration positions a cyber-security brand as a modern organization in contast to the typical legacy attitude, which is characterized by suspicion and paranoia.

Partner with an agency

For an overburdened marketing team, employing the right PR agency can provide the support and strategic perspective needed to really carry a brand forward.

The agency relationship works well when it’s collaborative, not transactional. An agency should be there to validate the decisions made by the marketing team, or otherwise push back on those decisions with a justification for doing so. An agency should feel like a natural and integrated extension of the team, and not just a bunch of “Yes Men”.

An agency can also provide a macro perspective of the wider climate and related industries, to support the micro perspective of the internal team working within the cyber-security bubble.

Of course, knowing which agency is right for you can be easier said than done. For tips on navigating the tricky agency selection process check out our blog: How to make sure you pick the right PR agency.

So, effective cyber-security marketing comes down to 5 key tips:

For more insight into the challenges and opportunities of cyber-security marketing, take a listen to the latest iteration of the Talking TechComms Podcast!

In this episode, we sat down with one of our cyber-security clients, Noble, whose anomaly detection tool powered by deep learning sifts through tonnes of threat data and eases the burden on security analysts. Tala Baadarani, director of marketing at Noble, and our very own head of digital, Errol Jayawardene, joined our podcast host Sam Pudwell to talk cyber-security marketing and how to build an enterprise security brand. Find out what they had to say about jargon, transparency to prospective clients and the benefits of working closely with IT teams.

Back to Top

Landing a media briefing at cyber-security trade shows like Black Hat

By Justin Ordman

It’s that time of year again. Thousands of cyber-security professionals have descended on a sweltering Las Vegas for yet another Black Hat conference, which is taking place this week. Businesses have been prepping for this for months, with cyber-security marketing and tech PR professionals pulling out all the stops in order to rise above the noise of a crowded exhibition hall. While Black Hat offers a great opportunity for cyber-security companies to show off their latest and greatest innovations, it’s also a good opportunity for executives to meet with press and analysts face-to-face.

Unless you have the brand awareness of a Cisco or Accenture, or you’re a company with deep cyber-security marketing pockets, this is a lot easier said than done. For starters, press and analysts have limited time to meet with vendors – especially since they’ll be interested in attending several sessions throughout the week. Companies are also competing for face time with dozens (if not hundreds) of other vendors all vying for media attention, so you’ll need to be able to offer something a little more tantalizing to pique their interest.

Here are a few ideas to help secure yourself some briefings at any trade show, be it at a cyber-security show like Black Hat, or other tech-focused trade shows like Mobile World Congress or NAB:

Don’t take our word for it

I asked some media friendlies for some anonymous tips on what they look for when accepting briefings at trade shows. One editor at a top cyber-security trade publication said:

I take meetings with folks who are working on new research or findings, or have expertise in an area that I am writing about.

Another editor at a leading publication covering software-defined technologies had this to say:

A lot of it is based on the company and the exec being offered for an interview. About the company: is it one that readers care about and click on stories about? […] Have they been in the headlines recently for good or bad reasons? Do I think their technology is interesting and do I think readers should keep this company on their radar? If it’s a startup: are they doing something new and innovating that I want to learn more about and think readers should as well? And I also look at the executive being offered for the interview; a CEO, CISO, CTO, etc. is much more appealing than a product marketing guy.

It’s not always about coverage

Not every trade show media briefing will result in coverage – and that’s fine! Briefings for the sake of relationship-building are a great way to let press and analysts get to know you and your company and keeps you front of mind next time they’re working on an article or report they think you’d be a good fit for. Background briefings can also help establish trust and give media an opportunity to vet you as a potential future source.

Securing media briefings can be a time-consuming task – especially when timing is everything. Some media and analysts like to start planning their schedules three to four weeks in advance of a trade show. Others like to wait until the week before to still filling their calendars.

Need some extra hands with your cyber-security marketing? Drop us a line at

Back to Top

Back to Blog

Related Posts