Cyber security issues have permeated the boardroom and consumer consciousness. Don’t believe me? Here’s a test. Have you picked up a national newspaper in the last six months? If so, you will — without a doubt — have seen stories about cyber security. From the NSA’s Vault7 leak, Disney being (allegedly) blackmailed for ransom as hackers threaten to release what could be the next iteration of Pirates of the Caribbean, and, of course, WannaCry — the global ransomware attack that hacked thousands of Windows-based computers in mid-May.
These cyber incidents are only some of the most recognised ones of 2017. They capture the imagination and create mini media storms in their wake. It’s therefore no wonder that the industry is increasingly experiencing the ‘security FOMO (fear of missing out)’ phenomenon. Much like how every business is going through a ‘digital transformation,’ almost all technology brands want in on the security conversation. This is a good news, bad news scenario I’m afraid.
The good news is there’s a lot of momentum around security and there’s plenty of interesting topics to cover. The bad news is it’s a busy space and you genuinely have to stand out from the crowd if you want your opinion to be heard. Your brand has to ‘earn the right’ to speak about the topic, either by what your business is by nature, or through the provision of real, and new, insights (or controversial ones). And last, but not least, if you want to be seen, you have to get in there while there is still enough clear air to talk about the topic, as all your competitors and the wider industry will also be trying to get in on the action.
The ultimate question is, should your brand even have security FOMO?
It’s time that you and your brand did a little navel gazing on this topic. Firstly, question yourself about why you want to get into the conversation (if you are not a technology vendor in the security industry of course). For example, will being seen talking about security genuinely drive a specific business outcome, or is it a knee jerk reaction to what is being seen as a hot topic in your sector?
We also encourage you to have a look at your competitor set, and see what they’re saying about security. Speak to industry analysts, and your peers, and gain their views on the relevance of the conversations you want to have. Beyond this you will also need to have a really deep look at the security narrative playing out in the media and establish if you genuinely believe you can bring something new and different to the conversation. The caveat to the last point being that it can’t be something new about your product, however good it may be.
If you are not a security vendor, if your conversation will not drive a business outcome, and if you can’t in all honesty bring something new to the table other than your product then perhaps your security FOMO is misplaced. This isn’t bad news, in fact it is time to breathe a sigh of relief and a good reason to refocus on the topics that really matter to your brand.
However, if you have done your navel gazing and come to the conclusion that you definitely need to be part of the security conversation — excellent. You will also have realised that you probably have some work to do. Below is a list four key things that the most successful brands talking about security exhibit today:
1) Subject matter expertise — Levi Strauss once said “an expert knows all the right answers — if you ask the right questions”. This remains true, and it is for this reason that any brand looking to get into the security conversation has to be a subject matter expert, but not in the traditional sense. Today, brands need not know everything about the security landscape. I say this because it is simply changing too fast for anyone to keep up with. What a brand needs today is to narrowly define the key topics it can/is willing to talk about and anticipate all the scenarios in which it will come out having delivered that talking point or insight that no other brand has. The bottom line here is know your story, and know your limits. This will enable you to focus on the stories that really matter to your brand, instead of chasing the tail of every major cyber security incident in the hopes of getting a mention.
2) Challenging the status quo — can be a dangerous but very fruitful game. If you’ve analysed your industry and genuinely believe that you have something very different, new or out of the box to bring to the table, this approach could be your ticket to the big time so to speak. After all, journalists still love a bit of controversy. A word of warning however is that if you’re going to challenge long held views about cyber security, or respected security vendors, you have to have facts to back up your point of view. It could be third party facts, customer insights or even another vendor that sees the cyber security world your way.
3) The power of practical advice — as simple as it seems, there’s real power in providing practical advice when there’s panic all round. If your brand is able to provide simple steps to help protect individuals or businesses against cyber disasters, in the heat of the moment where there’s mass panic, there’s a very good chance that you will be included in the conversation. The key to this is that the practical advice needs to be actionable and preventative rather than only actionable in retrospect.
4) Speed and access — they say the early bird catches the worm, and in security nothing rings more true. The speed at which your brand can respond to a cyber incident with good, insightful commentary is critical to the success of any engagement you may be hoping for on the media front. You should ideally be able to provide initial commentary within 30 minutes of an incident becoming public, and have spokespeople on standby in case of media/industry interviews. It’s therefore our view that if you know your narrative, you can pre-prepare for some common scenarios. This might save you essential minutes, that then pushes you ahead of your competitors and key industry players. If you miss this initial wave of interest in the story it is critical to know, or work with a comms partner that knows, where next to insert your narrative into the conversation.
I acknowledge that there’s no easy solution to security FOMO, or FOMO about getting your brand’s views across on any topic. At the same time, the most effective organisations will make the choice to either take a valid and authentic stance within the conversation, or otherwise shift their focus onto the subject that will best-help drive their business objectives. Be sure you’re making the right choice.