Actively looking for a problem comes before constructing the cyber security solution

By Tom Lee, Account Director

During the must-attend cyber security event in the calendar, Infosecurity Europe 2019, the interdependent aspects of complexity, risk and resilience will be keynote topics. One of these three stands out above the rest for me, and that subject is risk. Risk management and mitigation have changed rapidly in only the last two years, in a similar vein to that of the wider cyber security industry itself. So, how has risk management changed, and what role has PR and communications played?

Image credit: KnowledgeHut

Up until the last two to three years, the cyber security industry had been dominated by technology that actively searches for and finds problems, rather than products that solve problems. While this might initially seem crazy, there will always be a place for technologies such as anti-virus and firewalls, because they do provide a base layer of protection – and so minimise risk.

We witness disruptive technology every day because, at Whiteoaks, we work with many fast-growth tech businesses, and these are largely innovative in nature. As a result of working directly with these clients, I’ve noticed two completely contradicting technologies emerge that require Chief Information Security Officers (CISOs) to have entirely different mindsets to adopt them.

The first is mitigation technology. While you might say this has been around for years, which it has, mitigation technology has had a spotlight shone onto it since data breaches have become what seems like a daily occurrence in a little under two years. This technology relies on is acceptance; acceptance that your organisation will suffer a breach of some kind. Moreover, when it does fall victim of a breach, the software and systems limit the damage.

The second is a technology that takes risk off the table almost entirely. We’ve been fortunate enough to work with a company that does this, and that’s Glasswall Solutions. The company’s technology, FileTrustTM for Email, is prone to scepticism because, in truth, even in a competitive market like cyber security, it’s such a rare find. Stan Black, the CISO of Citrix, succinctly explains how it works and how he no longer worries about risk in emails, here. It’ll be 60 seconds well spent, I promise.

And so the challenge that sits between both of these types of cyber security solutions being successful, and other disruptive technologies, is the same. Education. Our task as a PR agency has been to educate business customers across the globe and those operating across various vertical markets, of the value of these technologies. It’s almost impossible to change perceptions in the market without brand awareness. In most mature industries we’d advise that this can take three to six months to achieve.

However, cyber security as an industry isn’t as mature as others, and because of this, it’s possible to achieve significant impact in a shorter space of time.

Risk, and the inter-related topics of compliance and governance, will be a critical priority for journalists, vendors and customers at Infosecurity —and rightly so. The appetite for information and improvement is rife and therefore it’s an ideal opportunity to run a campaign after the show to raise brand awareness for your organisation. Disruptive, innovative cyber security is in demand, but only if you capitalise on the hype by speaking to the right influencers, at the right outlets to reach the right target audience. And for more on how we approach events for an integrated marketing approach, encompassing content, PR and social media, you can watch our latest webinar by clicking here.