The Schwartz MSL digital team put me on camera to walk through the highlights of an eBook MSLGROUP recently published providing tips and tricks for Infosecurity PR. Infosecurity is the largest IT security show in Europe.
To download the free eBook from the MSLGROUP Technology Practice outlining tips for Infosecurity PR, click here.
We might both speak the same language (sort of), but certainly there are differences between Americans and our friends across the pond in Britain. I was in London last month and found it perplexing that they serve beans at breakfast, and pudding isn't a liquid. Then again, I am sure London natives are equally perplexed by American bad habits.
MSLGROUP represents IT security vendors around the world, and IT security pros often work hand-in-hand across Schwartz MSL and MSL London offices. This time of year, we collaborate even more frequently, given that two of the largest IT security trade shows on the planet are happening. RSA Conference 2013 was in San Francisco in late February (practically March), and Infosecurity Europe kicks off next month in London.
We wondered-- What are the differences between RSA Conference and Infosecurity? Are they the same from a PR perspective? Ahead of RSA Conference, the Schwartz MSL IT Security practice surveyed several IT security reporters in the U.S. to ask them about the show; recently MSLGROUP similarly surveyed U.K. reporters to get their thoughts on the Infosecurity event.
One glaring result of our research-- Key reporters are attending these conferences. Seventy-five percent of U.K. security reporters are planning to go to Infosecurity. While that's lower than the share of the U.S. security media contingent that attended RSA Conference, it's an impressive number, especially given all the talk of reduced travel budgets and remote working.
So what are the major differences between RSA Conference and Infosecurity? What are the similarities? And how should that affect planning for Infosecurity, given that show is about a month away?
MSLGROUP IT security pros pored through the results of the surveys and locked ourselves in a room to compare notes. The result is an eBook outlining Infosecurity PR best practices while reviewing how that show compares to RSA Conference from an IT security PR perspective. And the price is right for this eBook-- F-R-E-E. We invite you to download the eBook and share your feebdack.
Just ahead of last week's RSA Conference, the New York Times reviewed a recent trend: More and more companies are telling the world that their computer systems have been compromised, even if those companies are under no obligation to do so. Just days earlier, the Times published its own mea culpa, admitting hackers penetrated the publication's systems. Nicole Perlroth penned both stories.
What is to make of the recent rise in self-effacement? From an IT security PR perspective, the crisis communications playbook rather quixotically proclaims that disclosing bad news is a good thing. PR pros are taught the virtures of telling the truth and "getting it out and getting it over with" when troubling news arises. It would appear such best practices are making their way into the thoughts of CIOs and CISOs faced with word of compromised systems.
[Note: While many state laws and other legal requirements dictate that companies disclose data breaches, there still are many circumstances when specific IT security incidents are out of the scope of these rules, such as if the data compromised was encrypted or did not contain personally identifiable information. Further note: I am not a lawyer, and questions regarding data breach notification requirements are best left to legal departments.]
The rationale for coming full circle with data breaches goes beyond nobility or ethics; it turns out most people appreciate brutal honesty. By taking the initiative to admit a breach and fix the problem, companies can end up benefitting from positive PR in the end.
Consider Heartland Payment Systems, a company discussed in the New York Times story. Heartland was at the center of one of the most infamous data breaches of all time, when it disclosed in early 2009 that its credit card processing systems had been inflitrated, potentially compromising card information for millions of people.
Heartland disclosed the breach, set up a website to communicate directly with interested parties, and then began discussing how it was addressing the news. Over the course of several months, Heartland announced relationships with companies providing innovative security technologies as a way to show its commitment to preventing any sort of breach in the future. It turned Heartland-- a company few even knew of before the breach-- into a security innovator.
While more and more companies are disclosing breaches, it still takes some time between when the breach is discovered and when the company announces it to the world. Some would argue that it is a bit of a disservice to the public to wait. I argue that PR disclosure at any point is much preferred to no disclosure at all.
Roughly 40 Schwartz MSL staffers were involved in RSA Conference 2013 for our IT security practice. Above are a few that were able to take a break during the show for a team photo. From left to right: Nina Gill, Iris Herrera Whitney, Dara Sklar, Sam Katzen, Laura Finlayson, Ross Levanto, David Broughton, Bill Keeler, Nicole Solera, Dave Bowker, Dan O'Mahony. [Photo Credit: Bill Reber, Schwartz MSL Digital]
Well, the White House issued the Cybersecurity Executive Order on Tuesday and many are wondering if that's it?
- Subways (NYC, Philadelphia, Boston and other large cities)
- Trains: Amtrak operates more than 22,000 miles of track in 46 American states
- Nuclear power plants (There are 65 commercially operating nuke plants within the US in 31 states with 104 nuclear reactors. The plants generate 20 percent of U.S. electricity)
- Power plants: There are hundreds of other power plants in the US, including hydroelectric power, coal burning power, oil-fired power, geothermal power, natural gas power and wind farms
- Federal Reserve: The central banking system for the U.S.
By Bill Keeler on February 13, 2013 11:38 AM
Each evening at RSA Conference features a full line-up of cocktail receptions, dinners and other private receptions. The business of the show carries on well into the night and often into the early morning. Recovery is an important concept.
The analysts at Securosis come to the rescue each year by hosting a recovery breakfast where attendees can grab a nice breakfast, drink coffee, and discuss the highlights of the show.
Schwartz MSL is sponsoring this year's breakfast, which is scheduled for Thursday of RSA week (February 28) from 8-11 a.m. at Jillian's Restaurant, which is adjacent to the Moscone Conference Center.
The Securosis event comes during the second half of the RSA Conference week. It's a week that the IT Security PR pros at Schwartz MSL know well. We've even put together an eBook to help security PR and security marketing teams as they get ready for the show. Click here to download your free copy.
For the PR pros, marketing peeps and execs at the RSA Conference, we invite you to stop by. If you are planning to attend, please RSVP by emailing rsvp (at) securosis (dot) com.
We're excited to hear the reason for Securosis's Rich Mogull's absence from this year's breakfast; He and his wife are expecting a baby!
February's arrival means it's not long now until the IT security world descends on San Francisco in a whirlwind of networking, deal making, chotsky collecting and Moscone Center-induced sore feet.
Here at Schwartz MSL we have decades of experience guiding our clients down the right road when it comes to maximizing their strategic communications program before, during and after RSA Conference. Connecting security company executives and researchers with top reporters for in-person meetings during the show is a key component.
As you can imagine at the industry’s marquee event, competition is fierce for face time with reporters. What does it take to land media meetings? To find out, Schwartz MSL surveyed 50 of the top information security journalists. Here is a sneak peek at the findings:
For more tips and tricks to maximize PR and marketing opportunities around RSA Conference, download the new Schwartz MSL eBook, “Road to RSA Conference 2013”. Contact us with questions or for assistance.
Good luck and have a great show!
By Tiffany Darmetko on February 4, 2013 12:00 PM
The RSA Conference 2013 is just around the corner and there is nothing more important for most companies than connecting with new prospects and re-connecting with current partners and customers. It is a place to get reacquainted with old friends and colleagues but also meet new people in order to hear their take on identifying and mitigating myriad IT Security network and mobile device threats.
Often times, companies are looking for advice and tips on how to best maximize their time during the week at RSA. When it comes to public relations and media relations, there are more than 100 respected journalists usually on site, in addition to dozens of industry analysts. Schwartz MSL is helping their existing clients and can help other companies wade through the choppy waters of media relations. The Road to RSA eBook is chock full of information on what reporters are interested in covering at the show and where they prefer taking interviews. In addition, we included the names and Twitter handles of the most influential reporters so you can follow them at the show
We're here to help so let us know if you have any questions. Enjoy!
By Bill Keeler on February 1, 2013 12:27 PM
Today’s Tangled Web posting comes from Neil Cook, CTO for Cloudmark. Cook shares his security trends for 2013.
The prevalence of smartphones and continuing rollout of Long Term Evolution, a widely adopted standard for wireless communication of high-speed data for mobile phones and data terminals, will help create optimal conditions for spam-sending botnets.
We’ve already witnessed examples of self-propagating malware on Androids emerge. In the past week, our research lab has been closely following an Android Trojan, dubbed SpamSoldier, which is infecting Android phones causing them to send out spam and invitations to download the infected apps. While this malware is currently not nearly as sophisticated at PC botnets, we anticipate a dramatic increase in such types of attacks, and so early-stage botnets like SpamSoldier are a harbinger of worse things to come in 2013.
In the coming year, we anticipate outbound spam will be a major issue for consumers and wireless carriers. Hacked accounts have been an increasing trend in outbound abuse and this situation will only continue to worsen. Often, consumers won’t know that their phone or PC has been infected with malware sending out suspicious messages and infecting other devices. Such attacks are harder to combat – unlike spam perpetuated through a specific number or IP address, infected phones and PCs cannot always be remotely disabled or blocked.
Mobile message phishing and smishing attacks will also become more sophisticated as cyber criminals increasingly realize the effectiveness of mobile messaging as an avenue to spread spam and infect phones. SMS is rapidly overtaking email as an effective mode of communication, with consumers opening more than 97 percent of all SMS messages received. More cyber criminals are already beginning to realize the enormous potential mobile messaging presents for attacks and spam campaigns.
Another target for spammers will be over-the-top messaging providers such as WhatsApp. We anticipate that hacked/ fake OTT messaging accounts will be used to spread fraudulent scams against subscribers.
Finally, cyber criminals will set their sights on personal data acquired through social engineering and deceptive tactics via social media, email and messaging channels. These campaigns will target individuals with offers of free gifts, gift certificates and giveaways as well as surveys. The overall objective is to lure unsuspecting individuals into revealing confidential information that can be further used to perpetuate other scams and spam campaigns. We predict social engineering attacks like these will be some of the biggest threats to personal data privacy in 2013.
By Bill Keeler on December 20, 2012 3:30 PM