Hopefully you’ve heard about Security Serious Week, which is happening during the last week of October, where professionals in the IT security industry are getting together to give something back to encourage others to become more security serious.  All in the hope that together we can build a safer online community.

We’ve got over 50 supporters involved so far with webinars, events, free software  and lots of live Q & A.  You’ve still got time to get involved! All you need to do is offer a webinar or seminar for free and we’ll promote it for you on the security serious site, at www.itsecurityguru.org, and through our mailing list to end-users which is over 100,000 IT professionals.

We’re also getting together to show the press that the IT security industry is serious about security and you’re welcome to come down to join us at 12 noon on 26th October at Trinity Square Gardens outside Tower Hill Tube opposite the Tower of London.  Afterwards there will be lunch courtesy of HP Security Voltage at the Dickens Inn in St. Katherine’s Dock.

If you want to be involved tell us now as Canon UK are kindly printing all supporters logos onto banners and we’ll need to get your logo over to send it to them asap.

If you need any further information please visit www.securityserious.com or email yvonne@eskenzipr.com.

We’ve put together a book of short stories which are ideal to read just before going to bed as a way of raising awareness of what can go wrong when the IT security guys don’t get it right!  Why did Eskenzi put this little book of hacking horror stories together? Because we’ve heard so many amazing stories from our hacker friends & clients we thought it would be fun to write them down and raise money for the NSPCC – a children’s charity which is supported by the IT security industry’s own charity – the White Hat Charity.

The idea is to make end-users sit up and think twice about their own security practices and then get them to become better at IT security housekeeping!  Most are fictitious, some have happened and others could still happen.  The book will be ongoing so if you fancy adding a chapter for the next series we’d be happy to hear from you!  If you’d like to download a copy then please go to www.securityserious.com – and download the Hacker Tales for free.  Happy reading!

When a breach happens, such as Ashley Madison, Match.com or the Apple Store breach, there is one agency the BBC, Radio 4, Register or Daily Mail turns to and that’s Eskenzi PR.  Why? Because we represent over 20 IT security vendors, have the experts at our finger-tips, been banging the IT security drum for 20 years and the journalists know us and trust us to give them great commentary.

I know it sounds a bit far-fetched to imagine that a small IT security vendor could achieve 400 pieces of coverage in literally a few hours – but this month that’s exactly what Lucy Harvey, our senior account manager, together with Iva, her ever trusted account executive, achieved for a client called Lieberman Software.  On the anniversary of the iCloud Hack journalists were asking us if we had comment to see if things had improved in the last year and what companies should do to improve their security.  Phil Lieberman came up with a great comment that resonated with the press and within hours it had hit the wires and most of the national press.

Never a morning or afternoon goes by when the press don’t approach us asking for comment from our clients on a breach, vulnerability or cyber-security story.  ESET, along with other clients, were all in the press, as you can imagine when the Ashley Madison story broke, including a TV appearance on the 10 o’clock news as indeed they were with Match.com and the Apple Store breach last week.  In fact, we achieved in 1067 press cuttings just last week – which is a very average week in the Eskenzi PR office.

The Times wrote a special report last week on cyber-security and we got 4 clients mentioned in one article and one client alone got into the Register and SC magazine 4 times.  They were also in The Sun (which is always fun for the right reasons), The Daily Mirror and ITV news.  MWR also achieved an excellent interview on Radio 4’s MoneyBox programme talking about Vishing.

Other cool publications that regularly take news from our clients include the likes of Wired, The Telegraph and the BBC who we work with on a daily basis helping to fill their cyber-security section!

So if you’re interested in making the headlines why not contact us and see if we can help you.

20th years ago on 1st September 1995 I decided to set up a PR consultancy run from my tiny dining room table in Barnet.  I wrote to everyone I’d ever worked with, because emailing hadn’t yet taken off.  My first enquiry came from an ex-colleague at News International and friend Andrea Hornor, who had just started working for Reed Exhibitions and been given this new show to sell called Infosecurity. She said the agency they’d begun using called Lewis just didn’t get it!  When she told me what “it” was I told her I probably wouldn’t get “it” either! “What the hell is anti-virus and what does a firewall really mean – it was a WHOLE new world – could I really get it!”. So we worked together to launch the first show in 1996 with just 30 or so exhibitors.  It was great fun because there were lots of spy’s who attended from MI5 and CESG called Mr. Green and Mr. White.I gathered lots of frightening facts on IT security and made the front page of the FT. That’s when I realised the world of IT security was a lot more fun than I’d realised.  It didn’t have street cred but it was easy to frighten people with lots of scary stories – which I’ve always loved doing!  We worked on that show for 17 years and built it into Europe’s largest IT security event.

It’s also how we became the only PR agency in Europe to specialise in IT security and now have a base here in London, with teams in Paris, Munich and San Francisco.  We also run www.itsecurityguru.org which has 20,000 subscribers, the IT security analyst & CISO Forum which occurs once a year to a small elite number of vendors, and run the CISO lunch club which happens once a month. Not only do we now look after 21 of the world’s top IT security brands, but we have taken many to IPO, including Imperva and Varonis, and others to acquisition, such as Voltage to HP, OpenDNS and Cisco!  We’re frequently asked to pitch for work in other sectors but to be honest IT security has become the coolest industry to work in and we all love it with a passion. Who would have thought 20 years later it would be the subject on everyone’s lips and on the pages of every national paper every single day!

Brief the world’s top IT Security analysts & CISOs in Europe

We’ve opened up registration for the European IT Security Analyst & CISO Forum on 25th and 26th April 2016 at the Melia White House Hotel in Regent’s Park.

If you’re keen to get the analysts talking about your products or you’ve got something new to talk to them about, then this is your opportunity to influence some of the top analysts in Europe and the US.

It’s a very niche event for just 10 innovative, dynamic IT security vendors with proven technology!  So if you think the analyst & CISO community would be interested in hearing about your roadmap and product suite then read on!

Here’s a quick overview on what it’s all about:

  1. You meet with 10 of the world’s top IT security analysts in day one (list below)
  2. Day 2 you are one of just 10 vendors to be privileged enough to sit, quiz and hear what is driving the CISO community and to find out what products they want to buy. Plus you get to network with them during the morning and over lunch.
  3. You get sales leads on the afternoon of day two by exhibiting for free at the CISO and analyst roundtable debate where we expect around 120 IT security professionals and buyers to attend.

Some of the analysts who have already agreed to attend include:

  • IDC – Duncan Brown
  • Ovum – Andy Kellett and Rik Turner
  • 451 Group – Scott Crawford and Dan Raywood
  • Forrester Research – John Kindervag
  • Bloor Research – Fran Howarth
  • Kuppinger Cole + Partner – Martin Kuppinger
  • Quocirca – Bob Tarzey
  • NSS Labs – Paula Musich
  • IT Harvest – Richard Stiennon
  • Securosis – Mike Rothman OR Adrian Lane
  • Telesperience – Teresa Cottam
  • Goode International – Alan Goode
  • ABI Research – Michela Menting

End-user companies who will be invited to attend include:

  • Santander
    •    National Grid
    •    Travelex
    •    Network Rail
    •    GlaxoSmithKline
    •    Virgin Media
    •    BP Plc
    •    HMRC
    •    Commerzbank
    •    BBC Future Media & Technology
    •    BT
    •    Foreign Commonwealth Office
    •    John Lewis
    •    NFU Mutual
    •    Snow Valley
    •    Betfair
    •    Channel four
    •    Lloyds
    •    Oxfam
    •    Unilever
    •    Jericho Forum
    •    The Economist
    •    NATS

If you have new products and have something refreshing and insightful to impart to the analyst community then you should seriously consider attending this event as there are just 10 places available for this “once in a year event” .

The cost of the event is £10,500, which includes the entire 2 day event. If you would details please email Yvonne@eskenzipr.com

On what seemed to be a quiet August morning, a journalist from the Press Association contacted us asking for expert comment on a story he was writing to mark the one year anniversary of the iCloud hack, which exposed the personal photos of many celebrities. Of course, we were delighted to cater to his request and based on prior comments from Lieberman Software, we thought they would be happy to provide an opinion on this.

So we sent the opportunity to our client and they quickly provided a very interesting response on a topic which many other security vendors would not be brave enough to comment on – the giant that is Apple.

Being brave enough to comment certainly paid off for Lieberman Software, as newspapers across Britain jumped at the chance to get their hands on the story. Having first appeared in the Daily Mail, an incredible 382 other publications published the story over two days!

So there you go, simple really.


Just back from my hols and it’s heartening to see that whilst I’ve been away so many great movers and shakers in the IT security world have signed up to get involved in Security Serious Week in October. So many of the CISO community have already committed their time for free to offer seminars and webinars on a host of great subjects including Unilever, BT, Canon, Lloyds Bank, HSBC, GSK, Publicis Groupe, Markit, Willis and The Economist to name but a few!  Our loyal analysts including Ovum, Quocirca and IDC are on board and yesterday I was delighted that the Department for Culture, Media and Sports have agreed to get stuck in with events during the week and rally other Government departments to do so too – way to go!  The week should be incredibly insightful to any organisation wishing to become more security savvy!  So if you’re an IT security specialist or IT security organisation that wishes to impart your pearls of wisdom to other businesses to make them more Security Serious then why not organise a webinar or seminar. We’ll promote it for you on www.itsecurityguru.org and www.securityserious.com.    We’ve also got loads of companies participating in the press photocall at 12 noon on 26th October outside the Tower of London (find out more at www.securityserious.com) – where everyone will have a banner with their logo on it to show the world they’re “Taking Security Seriously”.  By participating in the day not only will you be counted as a company that’s Security Serious but it’ll be a great networking event as we’re all going to meet in the pub after the photocall – CISOs, analysts, press, vendors and other IT security professionals.  Hopefully, by getting together new contacts will be made and we can work together to make UK Plc a safer place to do trade Online! If you want to brainstorm how you can get involved then email me Yvonne@eskenzipr.com!

The Ashley Madison breach went from being a pain to an utter disaster. If it wasn’t bad enough that credentials of over 36 million users was stolen, last week all of that data was leaked online.

As soon as the news broke, the Eskenzi team jumped into action and reached out to clients to get commentary that we could issue to the press. Rather fortuitously, Stephen Coty, chief security evangelist at one of Eskenzi’s clients, Alert Logic, had managed to do some digging on the underground forums and had obtained the leaked information. He stayed up all night mining the data to see if he could find any juicy details about the people whose information was exposed.

He discovered that over 14,000 people were government officials! Meaty stats for a PR pitch, that’s for sure. I got to work as soon as he had sent the information over, pitching these facts and figures to the IT, tech, business and national media. The time it took from receiving the initial email from the client, to issuing a media alert was only around 10 minutes! You need these sorts of quick reflexes and speeds to ensure optimum coverage – along with relevant and interesting comments, of course.

Within minutes, coverage started appearing, and the phone started ringing requesting interviews. As a result of issuing this media alert, Alert Logic received over 20 pieces of coverage including several national hits including The Observer (print), The Guardian (online) and International Business Times.


Actually, that isn’t the question, it’s the challenge

While some bay for the death knell to sound, I still firmly advocate that the press release has its place in the communications portfolio –but only if it’s done well.

The problem is that, in my experience, repeatedly it’s not! tips and hints

To be valuable the press release has to be carefully constructed. To do that takes a perfect blend of elements. Get it wrong and your prose is unlikely to see the light of day but, get it right, and you’ll generate interest and ultimately coverage.

With that in mind, here’s my tips for effective press release writing:

Grab the attention: The headline, and subject line if sending via email – which we all do, are the most important things to get right when writing a press release. You should use no more than 10 words that scream how interesting your release is to the recipient.

Journalists have hundreds of press releases flooding their mailboxes every day – or hour in some cases! Your release has to shine out against all the other dross. But that doesn’t mean you should be flippant, nor gimmicky – the journalist has to understand that a) it is a press release, b) what the release is about, and c) deem it relevant, if they’re going to open your message and read on.

Assuming you’ve passed this first hurdle, your opening sentence too has to keep the reader’s attention if the remainder of the release is going to be read. The golden rule here is that the opening sentence summarises what’s in the rest of the release, in less than 20 words, and reads like the opening line of a news report. Simple really – actually, that’s quite a skill.

It has to be newsworthy : There is absolutely no point writing a press release if you don’t have any news. Regardless of the demands a client, or even account manager, may make – if the subject isn’t genuinely new, interesting, innovative or surprising then a press release is not the best tactic. Instead, either combine this announcement with something that is newsworthy, or use a different PR tool.

Find your hook: Every editor needs a hook to pin your story around.  The best press releases will include this – ideally in the opening paragraph. For example, is a journalist interested in Company A’s new whitepaper? I’d wager not. But, if Company A has uncovered a previously unknown vulnerability in Software X and has published a paper on its research – then the hook is the vulnerability with the whitepaper referenced.

The Five W’s: In the opening paragraph it’s imperative that you cover the five W’s – the who, what, where, when and why that this release details. If you can get this into the opening sentence then perhaps you should consider a career as a news editor :-)

Don’t waffle: While it might be tempting to put everything you know on the subject into a press release, don’t! The ideal length is one A4 side – approximately 400 words, or four paragraphs. Any more and you’re not writing a press release, you’re writing an article. Pick up any newspaper and look at the news section – short and snappy is the typical style and that’s what your release should emulate. If the journalist is interested, and needs more information, then they’ll ask for it.

Include a quote: And don’t say ‘we’re delighted/excited/pleased or thrilled ….’ of course you are but that’s not insightful. I also recommend that you read a quote out loud – if it sounds like you’re reading then it’s not a quote – you’re aiming for something that sounds natural and flows easily.

Complete the package with an image: Publications are screaming out for images to brighten up their pages so include one. Make sure, if you’re approaching a print publication, that the resolution is high enough, and try to make it interesting – a head shot of a spokesperson is not going to cut the mustard.

However, don’t attach the file to your message as this will annoy journalists struggling to keep their mailboxes a manageable size. Instead, a simple ‘Notes to Editor’ at the end of the release stating its availability will suffice. While on the subject of notes, you could include additional background material for the release in this section.

Include your details: There is nothing more frustrating to an editor, who’s fast approaching a print deadline and needs to verify a fact in a story, if they can’t immediately reach you. Include all the ways you can be reached, and that includes out of hours numbers.

One Size won’t fit all: So, you’ve got the lot – the interesting news hook, eye catching headline, and perfect quote. While that’s 95% of the secret formula, the bit that’s missing is the tailoring for each publication on your list. Take the time to write to each contact individually, detailing why the release is relevant to the publication’s audience, and highlighting the salient points. Again, keep it succinct and use bullets if it helps.

Get it proof read: There is nothing more frustrating then something littered with typos – it’s unprofessional and some journalists claim that they will delete releases with spelling errors and grammatical mistakes without reading them. get-it

So there you go, my top tips to effective press release writing.   logo-date+slogan(banner)


Here’s an event that you’re going to want to be involved in because it’s for every company who takes Security Seriously!

The campaign is called SECURITY SERIOUS and we’ve dedicated an entire week to it from 26-30 October.  The campaign will push the message to the business community that – we’re taking Security Seriously and so should you!

We’re hoping to get 50+ best of breed companies who are good at IT security to help other companies become more security savvy through a range of exciting events! We’ll kick off the week with a photocall outside the Tower of London at 12 noon on 26th October.  Everyone will be there with their company logo and huge banner that states that we’re all pulling together to show that “UK PLC is serious about IT security. We’ve arranged for the press to take pictures at the photocall and then we intend to create a social-media frenzy around the whole week!

During the week we have lots of free lectures and events that companies are offering on a first-come first-served basis. These will be on a range of cyber-security topics – it could be “getting the board’s attention”, “how to stop breaches” – “Finding the right tools to securing an SME” etc.

We’ve already got some amazing large companies behind the week doing some really exciting events, BUT we want to get a huge momentum behind and need your help with the following:

  1. Let us know if you want to be involved in the photocall opportunity – if so we’ll get a huge placard with your logo on it.
  2. Can you support this event by offering something positive to other businesses during the week – it could be a webinar, free software, seminar in London, internal seminar to your staff, something inspiration and creative!  We’ll promote it through Eventbrite and Brightalk and on the website with your logo as a supporter of Security Serious.
  3. Who could you invite to get involved apart from your own company?
  4. Add the event and logo to your email signature
  5.      Blog about it.

YOUR INVOLVEMENT AROUND THIS EVENT WILL NOT COST YOU A PENNY – it’s all about the community collaborating as an industry to get best of breed security professionals from great organisations working to help others become more security savvy – that way we can improve the security posture of UK PLC!

So please let us know how you’d like to get involved asap so we can build your event and idea into the website and campaign.

For more details email Yvonne@eskenzipr.com


Get every new post delivered to your Inbox.