With thousands of cybersecurity companies in existence, standing out has never been more challenging. However, a cybersecurity PR agency can help develop key messages that differentiate you from the competition, communicate these messages to the market, and secure valuable third-party endorsement from influential journalists and analysts via top-tier coverage.
But when it comes to cybersecurity PR, how do you choose an agency? And once you appoint an agency, how do you get the most out of working together? In this blog, we’ll tackle these questions and more to provide you with guidance for cybersecurity PR success!
How To Choose a Cybersecurity PR Agency
When looking to choose a PR agency for cybersecurity, asking your network for recommendations can be a great place to start. It’s also worth looking on Google and LinkedIn, and spending time on an agency’s website to get an idea of their approach, values, and expertise.
When researching cybersecurity PR agencies, look at their credentials to understand more about their experience and the results they’ve delivered for other similar companies. For example, do they have experience working with similar size and stage companies? Have they worked with clients with similar technical specialisms?
Most cybersecurity PR agencies will list some of the companies they’ve worked with on their website. However, it’s also a good idea to speak to them directly, as they can then prepare a bespoke credentials document, which may include case studies and references that aren’t on the website, and which will align their experience with your business.
Before speaking to cybersecurity PR agencies, however, it is worth establishing:
- What your budget for PR is. This can be a range, but as PR retainers vary, it is important to have an idea of what you can allocate so the agency can prepare a proposal accordingly. Again, it’s important to know whether you’re looking for PR on an ongoing basis (retained), or for a specific project. Cybersecurity PR works best when it’s consistent, enabling companies to increase coverage over time, build their presence in the media and build relationships with target journalists and analysts. For this reason, retained programmes are almost always more impactful than standalone projects.
- Why you’re looking for cybersecurity PR. For example, the personas you’re looking to reach, capabilities you’re looking to promote, or markets you’re looking to enter. On an initial call with a PR agency, they will likely ask you questions to fully understand your objectives, so being clear on what you want to achieve will help inform your recommendations.
- Your USPs over your competitors. Good cybersecurity PR should want to find ways to communicate your USPs to market, so having a clear handle on these will be helpful.
It’s worth asking to meet your main point of contact and/or the full account team at an agency before you hire them so you can get to know the people you’d be working with. While it’s not possible to guarantee coverage in PR, it’s also good to ask what kind of results you would expect to see and when, how the agency will measure success, and what input they’ll need from you to ensure you can provide the necessary support to make the programme as impactful as possible.
Hiring a Cybersecurity PR Agency
Once you’ve decided which agency you’d like to work with, they will prepare a contract with a suggested scope of work. Because PR requirements can change quickly (for example, your company could want to make a major acquisition announcement or a piece of legislation that supports your solution is introduced), speak to the agency about what happens if your priorities shift. Most agencies will recognise that activity frequently needs reprioritising, but it’s always helpful to confirm.
A good cybersecurity PR agency should want to work as an extension of your team, so if there are particular tools your company uses – for example, Slack – ask your agency whether they can be added to your company channel to streamline communications. Your cybersecurity PR agency will likely ask you for information to help them get to know your business and better identify opportunities, so being able to share messaging documents, details on personas and marketing plans can be hugely valuable. An agency should also be able to put NDAs in place so you can be confident that any sensitive information will be protected.
Discussing your desired results with your agency at the start of the relationship is also important. Different publications will have different criteria for what they’ll cover; for example, a niche tech product upgrade is never going to make the front page of the FT. But, if business media is a key target for you, your cybersecurity PR agency can give guidance on what it takes to get coverage and suggest ideas to help you get there.
Making the Relationship a Success
Great cybersecurity PR results are achieved when there’s a foundation of trust, communication, and respect. The PRCA, one of the world’s largest professional PR bodies, publishes a Client Consultancy Partnership Charter, which offers helpful guidance for both parties to optimise the working relationship.
As the Charter states, “we believe that working together in partnership can foster a rewarding and mutually respectful relationship which will help all parties deliver their business goals,” and recognises that the quality of the agency’s work is in direct correlation to the quality of the client’s input. It also has helpful guidance on setting scopes of work, agreeing deadlines, communication and AI, and is a great place to start when kicking off a relationship with a cybersecurity PR agency.
How To Do PR After a Cybersecurity Breach
In addition to building your brand and supporting your corporate communications strategies, cybersecurity PR agencies can also support your business following a breach – and many will provide dedicated crisis communications support even if you’re not a current client.
When it comes to PR after a cybersecurity breach, each situation is different, so there isn’t a one-size-fits-all solution. However, it is critical to act quickly to notify key stakeholders about the incident and ensure that those impacted can take the necessary steps to protect themselves. As such, you should always let your PR team know as soon as there is a breach, and they will be able to advise on when and how to communicate to customers, employees, shareholders, partners, and, if applicable, the press. They can draft vital content such as holding statements and customer notifications, manage media relations, ensure people receive important information, and prepare your executives for any briefings.
A cybersecurity PR agency can also help prepare your company for a cybersecurity breach. The old adage “fail to prepare and prepare to fail” is particularly applicable when it comes to cyberattacks. With cyberattacks surging, impacting organisations of all sizes, companies should ensure they have a tested crisis communications plan in place and spokespeople trained in the necessary processes. A cybersecurity PR agency can help develop this plan with you, and conduct an immersive training session to help your team feel comfortable with crisis best practices and communicating under pressure.
Foundations for the Future
Appointing a cybersecurity PR agency is an important decision, that requires investment and commitment on both sides. For those companies who’ve never worked with a PR agency before, asking upfront questions about how success is measured, what input’s needed from you, and what you’re looking to achieve will help establish solid foundations right from the start. With the right agency partner, you should be able to significantly increase your market visibility, share of voice, and engagement, and set yourself up for long-term success.
For more information on how cybersecurity PR can help your business to grow, why not check out our case studies, or get in touch for a chat.
