Newsjacking Cybersecurity Breaches: Good Practice or Bad Form?May 25, 2017
Reading time: A mere 4 mins
WannaCry is the latest in the long string of high-profile cyberattacks to splash doomsday scenarios all over the news. Ashley Maddison, Target, Sony, Tesco and Yahoo, among others, have caused quite a stir across the cybersecurity community. But WannaCry stood out even among those breaches due to its immense reach and massive scale, impacting over 10,000 organizations and 200,000 individuals in over 150 countries.
Feelings of panic, helplessness and vulnerability run high, and many companies are willing to invest heavily for just a little piece of mind…. not to mention in order to comply with the tightening regulations.
Riding fear is valid. Simplistic, but valid. Following the attack, many cybersecurity vendors have jumped on the bandwagon with slogans like: “We will equip you better to handle the next attempted attack”. “Preempt WannaCry attack”, “Assess the damage” and so on.
There are, of course, some short-term gains from this type of campaigns.
Key Advantages of Newsjacking
1. Establish yourself as an integral part of the ecosystem
First, newsjacking campaigns demonstrate that the cybersecurity vendor is on top of the latest developments and reaffirms its place as an active part of the cybersecurity ecosystem.
Some cybersecurity vendors, such as Secdo, do their own in-depth research before, during and after high-profile breaches and share their knowledge with the community, which is imperative to future combat and preemtive incident response. With WannaCry, they discovered that multiple groups have been exploiting the EternalBlue vulnerability, weeks before the WannaCry attack. A valuable piece of the puzzle, that others have missed. The prestige and press coverage that this carries is enviable. Another cybersecurity vendor, CyberInt, dived deep into the technical aspects and the anatomy of the attack in their recent blog post.
Such in-depth researched articles are excellent examples, as they combine a learning experience for the vendor with providing a form of community service to the general business community. The key to a successful newsjacking campaign is to avoid generic doomsday “non-news” releases - be original, find a new angle to the story, do your own in-depth research.
2. Spread awareness
Second, these large scale attacks give vendors an opportunity and a vehicle to spread their product gospel on something very topical to a very relevant crowd. The incident is newsworthy and so garners media coverage, plus CISOs and security teams are a captive audience who are now thirsty for insights into how they can prevent the next attack or assess the damage done.
If you can contribute something new and valuable to this hot topic, it can prove invaluable for your marketing efforts later on.
3. Pressure to invest in cybersecurity
This clearly leads onto the third advantage - an increased pressure for investment in cybersecurity across the board and newsjackers can ride this wave.
Several companies have already burst out of the blocks in the wake of WannaCry. Kaspersky are offering a tool they say will keep you ‘one step ahead’ of WannaCry and warn of a ‘new strain’ which they claim EUROPOL describe as being, “at an unprecedented level”. Cybereason have launched a campaign, promoting their RansomFree free ransomware protection tool, that is capable to detect and stop WannaCry attacks.
While this form of newsjacking does create some awareness (to varying degrees) for the vendors, the question remains: Did it generate any qualitative results? Marketing Qualified Leads? Sales? And speaking of the ROI, what did it cost to jump on the breach bandwagon?
Key disadvantages of Newsjacking
1. Diverting Valuable Resources
The time sensitive nature of newsjacking campaigns means that all other projects need to be put on hold until the crisis is over.
One major cost of a newsjacking campaign is human resources deployed to respond immediately after a cyber incident. Technical and non-technical team members must be pulled away from whatever projects they were working on in order to research the cause and effect of a breach and create the detailed analysis.
SecOps team will be evaluating the root cause, extent of the damage and creating patches. Product team will be evaluating current products and upcoming features to check whether they are still effective. Marketing will be creating online campaigns and press releases, senior management will be fielding press and analyst interviews, and the list can go on. Naturally, across the board, other projects would suffer, with knock-on effects for upcoming deadlines.
2. Real ROI
As highlighted with the examples above, you are one among numerous companies trying to maximise on the latest piece breach on the news. How can you calculate the ROI of the resources invested in a newsjacking campaign?
Marketing is for the long haul and there are no real quick wins that don’t come at a very high price. Newsjacking is a high price ticket, and the return on investment is questionable.
3. Self-righteous claims are risky
A self-righteous claim along the lines of, ‘It wouldn’t have happened on my watch”, ‘This type of attack will never happen with my product.’ can seem like a great idea. But when tempted to use this kind of messaging,remember Sophos and Britain’s National Health Service (NHS), one of the high-profile victims of WannaCry.
Proud website boasting that the "NHS is totally protected with Sophos" became "Sophos understands the security needs of the NHS" after the catastrophic WannaCry outbreak.
No company’s product is perfect and what goes around may end up coming around on one of your customer’s networks.
Newsjacking & The cybersecurity breach draw plan
So how do you execute a successful newsjacking campaign? Start with the contingency plan, and plan for the breach that hasn't happened yet. Start with what you need to do as soon as a major breach breaks:
- Who will be needed to draw the campaign? For example, 3x analysts, 1x team leader, CMO, CEO, PR company. Instead of hectically scrambling in the midst of a crisis, know exactly who you need to make the campaign happen.
- Action items: Set up a clear list of tasks and action items: research into root cause and effect, check customers affected, product implications, draft a report, create messaging, draft press release, creative campaign - what kind of content & creative will we use, which analysts and journalists do we call on first?
- Bugdet? Setting aside a budget dedicated specifically to newsjacking would help you avoid scraping for funds and skimming from your planned activities, potentially hampering long term marketing goals for short-term gains.
- What does success look like? Make sure to set SMART goals for your newsjacking campaign.
Cybersecurity Newsjacking, the verdict
When done properly, newsjacking grabs media attention and increases positive brand awareness. It needs to be executed to perfection or you risk either being yet another one of the unmemorable many newsjackers, or worse, being associated with fear mongering and doomsday prophecies, without contributing anything of value to the conversation. When a security breach is in the news, there’s a big difference between reassuring your customers that they’re safe and mocking the victims.
Newsjacking cybersecurity campaigns can be extremely worthwhile, but unlike other marketing tactics, you only get one shot to do it right. To successfully communicate with your audience and generate leads, a long term and well thought out strategy is what it takes… but then again, you already know that ;).