get-it

It’s a funny one this subject about IT security – it always comes back to the users – without us there wouldn’t be any security issues! And without us we wouldn’t need security experts to keep us in check!  We need them and they need us – right!

Every year we organise the IT Security Analyst & CISO Forum which is a wonderful opportunity to get raw and heartfelt insight into how the CISOs are feeling – what they are seeing, what’s troubling them and what they’re doing to find sensible solutions around the problems they’re facing. I felt hugely buoyant after this year’s gathering of CISOs they really seem on top of what’s going on! They were openly collaborating and helping one another – they understand they’ve got huge security issues – but there’s nothing out there that they can’t cope with.  Calm is afoot.

What hit me the most was the realization that users are useless when it comes to security – we the users just don’t care – if it’s in our way we’ll get around it – so there was a consensus in the room that “we need to move away from a No to a KNOW mentality” – because it just ain’t working! So you can’t try and block users from trying to do their jobs, but find the tools to make sure you are on top of what they’re doing with the information.

Oh dear but then that’s not all that easy is it because the 2 next biggest bug-bears that the CISOs discussed was Shadow IT and privileged user management – that’s top of mind the moment.

Shadow IT was a real first for me, what I mean is the term, (sorry I’m a bit behind with the lingo these days), they were all harping on about this being a really big problem – that’s us people yet again in PR and marketing, sales and management – we keep downloading these wonderful sharing apps that make everything so simple for our wee non IT brains – you just download the app and hey presto we can all share spreadsheets and contacts etc amongst our colleagues quickly and efficiently. Quickly and efficiently was never really in the security programmers DNA which is why we always come to an impasse with the security folks.  The likes of google sharing apps, DropBox, Box etc are causing a real pain in the backside for security – secure data is being shared outside the organisation willy nilly – but the good news is that these bright young CISO are onto us – they know what we’re up to and are now learning how to discover, monitor and remediate us where necessary.  At least with the coolest tools out there – they can keep the auditors happy and show they’re doing their best to meet the demands of the compliance chaps!

So we can keep working away with our apps because the IT security folks realise they’re onto a road to no-where – so instead of fighting it and saying NO they’re moving to a culture of KNOW instead.

So the other problem they really started to sit up and talk passionately about was the thorny problem of managing privileged users. Hmmm, it’s the human factor yet again! The typical scenario went as follows: One person is given access to the sensitive stuff, they then share it with a colleague when they go on holiday, a consultant comes on board they then get given access, the original person is promoted into another department or leaves, they hand over access to another new person but still retains access to the original information even though they no longer need it and so on.  One CISO from a major bank who shared his angst found his sentiments were mirrored by most of the other CISOs around the table – “Companies grow very quickly and you get lots of changes so we try to conduct regular privileged access account reviews, but I have to admit it’s one of the biggest problems we have not yet solved.”

It’s the thorny old problem – if you don’t drill into your staff that the data is a major asset of the company and it needs to be respected and dealt with responsibly then it won’t be respected.

Back to good old user security awareness and best practices then! You train your staff and they’ll be your biggest allies – get their trust, get them to take on a bit of the responsibility for security – and you’ll go along way to solving the problem.  That’s the conclusion I came to after listening to these savvy and very switched on CISOs, the reason they were so chilled was that they’ve learnt that security is a really big problem and it’s us users who are their biggest problem – but these guys have a strong handle on what’s going on they’re getting to grips with user awareness and responsibility!  They all admitted that it helps that over the last year the boards are giving them more air time at least 15 minutes every 6 months!  It means more so than ever they have the ear of the board who are giving them the responsibility, time and money to focus on putting security where it needs to go.  For more on what the CISOs talked about at the Eskenzi IT Security Analyst & CISO Forum read Ron Condon’s blog at http://www.itsecurityguru.org

onesieweds

As part of the National Autistic Society‘s Autism Awareness Week, Eskenzi PR is taking part in Onesie Wednesday! We are wearing our onesies to work (and lunch) to proudly raise awareness of Autism.

Onesie Wednesday is a day you can really show how unique you are, and that it’s ok to be different! For those with autism, having that acceptance and understanding from others that it’s ok to be different is so important. Having a younger brother with severe autism myself, I really like this message and am so grateful the whole office has joined in with the cause.

A huge thank you to everyone who has sponsored us so far – we really, really appreciate it!

https://www.justgiving.com/eskenzipr

Happy World Autism Awareness Week!

 

– Katie

ITguru_logo

In 2014 IT Security Guru successfully launched its webcast channel and has so far hosted industry names such as Joshua Corman, Cris Thomas, Brian Honan, Katie Moussouris and Craig Goodwin discussing areas such as Internet of Things, car hacking, major flaws and 2015 predictions.

In January we were joined by Steve Durbin from the Information Security Forum, CISO Amar Singh and Ian Pratt from sponsor Bromium to discuss how best to spend cyber security budget in these times of targeted attacks. Naturally the conversation moved towards the combination of people, process and technology as the best triage for defence, which a live poll of listeners found that 60 per cent agreed with PPT as the best solution, whilst Pratt admitted that “security was not built into code written in the 1980s”. To listen again to this discussion, click here https://www.brighttalk.com/webcast/11399/140339

We are already planning many more webcasts for 2015, and will be joined by members of the group Women in Security on 10th March for a discussion on mentoring, so keep an eye out on the website www.itsecurityguru.org

If you are interested in hosting a webinar, please email Dan@itsecurityguru.org or Ella@eskenzipr.com for pricing and lead generation opportunities.

Gov lunch

Following the huge success of our CISO Luncheon Events, we have teamed up with Wired-Gov, the UK’s leading ICT Public sector site with over 63000 subscribers and have developed a new program of public sector luncheons.  Exclusive sponsorship of these CIO focused luncheons are now available for May, July, September and November.  Sponsorship includes:

  • Themes and invitation messaging tailored to sponsors requirements
  • Invitations into sectors such as NHS, Local Government, Central Government and more
  • Event held under Chatham House Rules
  • Minimum 10 CIOs and ICT Senior management
  • 5* venues with private dining facility
  • Regional events available
  • Cost for exclusive sponsorship £8500

If you would like to find out more, please email or call Linda Joynes on 02071832847 or linda.joynes@eskenzipr.com

Every morning we check the news for the hottest stories in information security for our clients to be made aware of and comment on. On 27th January, we spotted the story that Facebook and Instagram had been knocked offline for an hour across much of the world, amid claims that the social media sites had been hacked. A group called Lizard Squad, which has previously claimed responsibility for bringing down XBox and PlayStation online services, posted a message on Twitter appearing to link itself to the outage which affected Europe, the United States and Asia.

We knew the story would make the headlines so we knew it was a great story for our clients to comment on. We immediately sent the story on to all our relevant clients with a request for comment, and MWR Infosecurity came back nice and quickly with some unique commentary and insight. Their comments were picked by the Associated Press and subsequently distributed through their newswire, gaining an unbelievable 900 pieces of coverage in total! Highlights included pieces in The Daily Mail, The New York Post and an interview on BBC radio 2!

In addition to MWR Infosecurity’s success with comments on this story, both our clients ESET and OPSWAT were featured in The Times. A great day at Eskenzi PR and proof there is room for more than one client to jump on a story!

ESET joined the Eskenzi PR roster in May 2014. A few of us had known the guys at ESET for a while and the time finally felt right for both parties to join forces for their PR in the UK.

As it turned out, ESET were the perfect client – responsive, informative and proactive. In the first six months we achieved:

  • An average of 100 pieces of clippings monthly
  • Of those clippings, 77% were Tier 1 publications
  • National coverage including Guardian, BBC, Independent, The Times and Bloomberg
  • TV interviews including BBC, Sky News and ITV
  • A press trip to ESET head office with five journalists.

We have obviously been delighted with the results we have managed to achieve and are even more delighted that Quinton Watts, VP Marketing and Sales at ESET agreed. “Having always believed in the power of PR and its contribution to raising the brand I decided to move over to Eskenzi from one of the largest international PR groups. The biggest worry of continuity moving from a large agency was quickly dispelled with a seamless uptake of the accounts and our existing industry contacts. I have been continuously delighted by their professionalism, fresh approach and above all results they have achieved. Eskenzi have proven beyond a doubt that they punch way above their weight and the measurable uplift in results has led to an immediate increase in PR budget with total confidence that it is money well spent.”

So many elements of great PR can only happen when there’s great teamwork and we’ve certainly got that with ESET. We’re very excited with what else we can do for them!

The week after Infosecurity will see our 8th IT security analyst & CISO Forum on 8th and 9th June.

It’s the perfect event to attend if you have want to brief 80% of the top IT security analysts in the world who arrive in London for our two day event to meet with just 10 vendors who are flying high with new content, products and interesting plans for the future.  We’ve already have 7 companies signed up but we do have 3 places left.  This year the format has changed, not only will you have 10 one to one analyst briefings and the chance to meet, network and attend the exclusive roundtable debate with 15 of the UKs most influential CISO, but you’ll also be able to use the event for lead generation. We’ll have 70 IT security managers who will be attending to hear the CISOs and analysts debate on the latest hot issues and then during the break-out sessions you’ll have a chance to meet the delegates as each vendor will have a pop-up stand on the seminar floor.  So the event is really aimed at helping 10 thriving IT security vendors to:

  1. Brief 80% of the world’s most influential analysts
  2. Learn what the CISOs really are worrying about and what products and solutions they really need, so that you can approach them afterwards with “just the perfect solution”.
  3. Meet with 70 potential customers and use it as a cost-effective lead generation event.

If you’d like to know more about the IT security analyst & CISO forum please contact Yvonne@eskenzipr.com or call 0207 183 2832.

So Neil and I have returned after two blissful months in San Francisco with numerous trips down to Silicon Valley to see our clients, potential clients, clients-come-friends and analysts.  It was a great trip and very worthwhile and incredibly different to working in London.  Most strange was the realisation that most Californians are health freaks, with a crazy number getting up at 5am to train, eat healthily and then go to bed at 9.30 – great for us who seemed to only want to go out to eat at about 8.30 and rebel against the lycra!

We also met some cool, chilled out folks (not what we were expecting in the Valley)  who surprised us  – as they really were living the life – our girls did an internship at the hippest ad agency in San Francisco Hub Strategy (check them out) and the owner would disappear every lunchtime for 2 hours – not to go down the boozer, but to surf under the Golden Gate Bridge!

There is also this joke that most San Franciscans would rather sell their car rather than give up eating out – and that really is true – the restaurants were superb and it became a daily ritual to find a better restaurant than the one the previous night – so if you need any recommendations you know where to come.

Surprisingly we thought all the IT security stuff was happening in the Valley, but San Francisco is increasingly becoming an IT hub – with these really trendy open planned offices – with mountains of free food, snacks and drinks.  One office had an entire wall filled with every whisky and spirit you could imagine with trays and trays of sushi, chocolate, cakes, sandwiches – all very exciting – but I was rather sceptical about the whole concept behind it – maybe I’m just really cynical!

On the work front it was interesting – in the first week we had 9 meetings cancelled on us, either over the phone or in person – so after thinking it must be something to do with us, we asked around and apparently the Californians are renowned for cancelling on meetings if something more urgent comes up – which it frequently does right – flaky, really flaky (not my wording) but theirs – it’s how they describe their own Californian behaviour.  Here we’d just say it’s “not very British” – but after a while you just sort of accept it and go with the flow.

As for Eskenzi in the US – we’re growing!  We now have 3 clients in the US, all of whom had started using us in the UK first, then expanded to using us in France and Germany and now in the US as we become their global agency.   We have a team on the East and West coast who are providing analyst and press relations and it’s an area we hope to grow as our client base grows – and clearly to enable this growth it’s going to mean many more wonderful days in San Francisco to oversee its success!!!  Rock on Eskenzi San Francisco.

 

– Yvonne

At Roux on Parliament Square, 13 of the country’s top CISOs from various industries and sectors were got together to join one of our CISO lunch roundtables, with Verisign as host. All united over a wonderful and scrumptious lunch and were extremely forthright about their current situations and what the future holds for visibility and cloud infrastructure.

The lunch was sponsored by VeriSign, who power the invisible navigation that takes people to where they want to go on the internet, while also helping to ensure the availability and integrity of internet‐facing networks all over the world. Senior vice president and CSO Danny McPherson set the scene by explaining how VeriSign recognise the current and ever-evolving threat landscape.  McPherson further highlighted the expanding attack surface that users are faced with, and he asked the attending professionals for a perspective on how they control the attack surface and how they protect services.

It was very eye-opening listening to the CISOs sharing similar or not so similar opinions – I learnt an incredible amount in those two hours! Furthermore, it was evident that they are all encountering difficulties, especially with hackers becoming more sophisticated.

They explored and discussed how they protect their sensitive corporate data whilst using multi-tenant cloud infrastructures and the public cloud.  One important theme that continued to crop up was the fact that a lot of employees are not fully aware of security practices and the relevance of them. The CISOs agreed that adequate training is essential in order to stop hackers breaking through another layer.

It was clear to see that the CISOs really appreciated being together and connecting through mutual concerns and solutions. Communally contributing their problems and experiences enabled them to come up with the solutions and answers they may not have considered beforehand. It’s really a learning experience for everyone- as well as great food!

If you would be interested in sponsoring the CISO lunch club and have your CTO or team involved in presenting at the lunch then please contact us on +44 (0) 207 1832 832, linda@eskenzipr.com

 

– Ella

opswat_logo-rgb [Converted]

It’s always exciting when a new client comes on board, and our newest client certainly didn’t disappoint! On 19th January, OPSWAT joined the ranks as the latest Eskenzi client. OPSWAT is a provider of solutions to secure and manage IT infrastructure.

We had an initial kick off call with the team we’ll be working with and gleaned all the information needed to start off our working relationship on the right foot. It didn’t take long before the opportunities started coming in and, luckily, the OPSWAT spokespeople really got stuck in and responded quickly and, more importantly, with a concise, easy to understand response. When it came to the end of January, and time to do their end of month report, it really showed that having a client who is responsive and knowledgeable is such a great asset.

In just two weeks, they had:

  • responded to 4 out of 5 rapid responses given
  • contributed to 4 different feature opportunities across a variety of different publications
  • issued 2 press releases
  • issued a research report

They also managed to obtain 37 pieces of coverage in two weeks, with 24 being in tier 1 publications and even included one national newspaper – The Times.

Here’s to another successful month with OPSWAT. Onwards and upwards!

Follow

Get every new post delivered to your Inbox.