Cybersecurity journalists have an exciting job, especially when they need to report on illegal activity online; however, their sources can be limited when writing about a hack or security incident. Bad actors do a pretty good job staying off the radar so information on them can be very difficult to come by which is why over the years, cybersecurity journalists have formed a unique alliance with threat intelligence teams as their go-to source when an attack happens.
Using their knowledge and expertise:
Threat intelligence teams provide information about emerging and existing threats and help organisations protect their data and workforce. In order to do this effectively, many of them need to be able to infiltrate the dark web, where they can gather information about new attack vectors or potential attacks and study it. That information can be a gold mine for journalists.
Their technical knowledge and expertise as well as their fact-based opinions also make them more attractive to the media who are looking for impartial insight. Sometimes threat intelligence teams are so detached from the rest of the business that they have their own brand. For example, Cisco’s team is known as Talos and Palo Alto Networks’ as Unity 42.
With intelligence that only a limited number of people have access to, marketing and PR teams can work with these groups to enhance their existing programmes.
Using insights to create compelling content:
Cybersecurity journalists have a massive appetite for trends around cybercrime and how it impacts organisations. It’s no wonder that when we conducted research into the earned coverage at RSA, we found that more than 50% of coverage at the event covered vendor research or insights from threat intelligence teams.
By working closely and speaking regularly with them, PR and marketing teams will be able to create a variety of content on the latest and most topical insights and feed their PR and demand-generation activities. Even a handful of data points might be all they need to answer journalists’ interviews or comments’ requests or build a story that will grab the attention of both the media and prospects. And if done well, it can deliver high volumes of coverage which will generate an increase in share of voice.
Responding to breaking news
One thing that sets the cybersecurity media aside from other trade media is that speed is everything. When a cyber incident occurs it’s a race to the headlines and if journalists are already putting out requests you’re usually too late. Threat intelligence teams can help by identifying unusual activity before it hits the press or be available at a moment’s notice to deliver comments or an interview.
PR and marketing teams can also be part of this effort by keeping their eyes on key cybersecurity sources such as the NCSC or even the FBI so they can catch news before it reaches a journalist’s inbox. This way they can work with their threat intelligence team on developing content so that a journalist has everything they need to write an article.
Being fast and having a good monitoring process can pay huge dividends from a coverage and awareness perspective.