Last Friday, HSBC’s online banking website got taken down by a DDoS attack, leaving thousands of customers unable to access its services. Anyone attempting to access their account was receiving an error message that morning reading: “We’d like to apologise to all our customers for Online Banking being unavailable.We know how inconvenient this is and we are doing everything we can to rectify the problem. Please try later.”

This may have been extremely inconvenient for HSBC customers, but a cyber attack on this scale means a field day for Eskenzi PR’s security expert clients. Within only a few minutes of the first reports of the attack, we had issued a link to the breaking news to our clients, asking for comments on the story and advice for those affected. With a story like this, with such a high profile organisation involved, time is most definitely of the essence.

Several clients responded in record time, but it was one of our newest clients, NuData Security, who really cashed in on HSBC’s bad news. We issued commentary from Robert Capps and it wasn’t long before the coverage started rolling in.

By the end of Friday, NuData had obtained coverage in The Daily Mail, The Daily Telegraph and Reuters. Over the course of the weekend, more National hits popped up in print in The Sun and online in the Mail on Sunday.

At the time of writing this blog, NuData Security has obtained 13 pieces of coverage, all in National newspapers or top business publications. It just goes to show that, if you’re on the ball when a huge story breaks, you can end up with fantastic results.

Last week, password management firm, SplashData released a report announcing the most used passwords of 2015 and the results were shockingly bad with “123456” and “password” at the top of the leader board. The results showed that people’s terrible password habits have hardly improved since 2011. Although this is terrible news fo
r the poor souls that will have their data stolen this year d
ue to their lazy password choices, this was a great opportunity for our security experts to rant on a national stage.Login Box

On Wednesday we received a request from a journalist at Press Association
asking for comment on the password report; which is really hitting the jackpot in our line of work as it means that the story will likely get

syndicated across tons of publications across the country and maybe even
overseas. So, we forwarded the request to our security experts and they were quick to provide commentary on the story, then we all did our rain dance chanting for coverage, which seemed to work for our two lucky clients, ESET and MIRACL.

Throughout the day we eagerly watched the coverage rolling in, from BT, the Mirror and Metro to local papers such as Yorkshire Post and Wigan Today. Both clients achieved coverage in around 30 publications from this story which is a great start to the year! However, we weren’t done just yet. We sent the comments out to further journalists and the Guardian also used them their own article. To put the cherry on top, a journalist from BBC World Service radio also called us asking for a quick interview. Of course, we dropped everything we were doing, and so did MIRACL’s CEO, to take the interview within half an hour of the request.

The end results were 7 pieces of national coverage and 21 pieces of regional and technology publications.

We really are grateful to have such influential journalists coming to us for comments and we are lucky to have such great clients willing to drop everything for a good PR opportunity, it certainly makes our job easier. So a massive thank you to them all, and here’s to a 2016 filled with more success stories than our blog can handle.

rapid-response.jpg

At Eskenzi PR, one activity that we excel at, and thankfully it’s guaranteed to drive coverage for our clients, is rapid responses. Take a read of our recent ‘Goodbye Internet Explorer’ blog if you don’t believe me.

Years of honing our craft has taught us what works, and more importantly what doesn’t. With that in mind, here’s our top tips for rapid responses:

Timing: Rapid responses are just that, rapid and respond to a breaking news story. When I first started working in this sector, too many moons ago, cyber security stories were like gold dust and I was one of a handful of PRs that specialised in the subject.

Today, unfortunately, there’s typically a plethora of vulnerabilities discovered or breaches disclosed to pick from. The secret is picking the right story, for the right client to offer valuable insights and credible advice. The clincher is doing it before the competition.

Teamwork: In a hospital or other healthcare facility, it’s almost guaranteed that there will be a ‘Rapid Response’ team – people who bring their expertise to the bedside when it’s needed most as quickly as possible.

It’s the same for our clients. Internally they identify their team of industry experts who we send our alerts. They’ll then quickly look at what has happened and offer a response – if appropriate.

Content: Which brings me nicely onto our next tip – it has to be newsworthy and credible. There’s no point regurgitating what’s already known, similarly we don’t want our clients speculating on something they know nothing about – there is such a thing as bad PR and we work hard to make sure our clients aren’t on the receiving end.

We encourage clients to offer their particular insight into what’s happened – or could happen in the case of a vulnerability, that’s tied with strong advice to help organisations keep themselves, and their virtual assets, out of the hackers clutches.

It’s also worth mentioning that, when it comes to news, reporters aren’t looking for essays – they need succinct sound bites. If they want an essay on the subject for a follow up feature they’ll ask for it – and often do.

Delivery: A key piece of the puzzle is getting these insights across to the right reporters as quickly as possible – in a way that they can use. We know reporters do not want us to call them and try to dictate comment over the phone – we know their email address and we’re not afraid to use them!

Relationships: This is a 2-way street – we work hard to know which reporters cover which type of stories and the deadlines that they’re working to so that we only send relevant material. We don’t always get it right – we’re enthusiastic humans after all, but 99.9% of the time we’re on the money.

Equally, as Eskenzi is valued as a reliable source of decent content by those who report in the security and technology space, many journalists will reach out to us direct knowing they’re guaranteed to get great quotes from our array of IT security experts to use in their stories.

So, that’s our secret recipe to Rapid Responses – I didn’t say it was easy but practice makes perfect. And we’ve had over twenty years of practice J

When I was thinking about starting a career in PR, I searched high and low for peoples’ genuine experiences of the industry and exactly what an average working day would involve. I actually found it near enough impossible to find this, so I thought I would share what my day involves for others looking to step on to the PR ladder or perhaps even looking to apply for a role at Eskenzi.

9am – Monday morning and it is my week to do the daily newsletter which we send out to clients, so I come in a little earlier than the usual 9.30am start (which I feel is a real luxury). I look through all the technology news websites for any cyber attacks or relevant stories and  compile a newsletter to send to our clients. Next, I look through the 60 or so emails I received since I left the office on Friday and deal with anything urgent first. Then I make myself a well deserved coffee and croissant to start off the day.

10am – Throughout the day it is my job to monitor the news and if keep an eye out for any stories relating to what our clients do. If a relevant story breaks in the news, I send a rapid response opportunity to the client asking them to comment quickly – this is so that we can send the comment out to journalists who may be writing up a story on the topic and hopefully secure coverage for our clients. If there is a big breach such as Talk Talk, we would send the story to all of our clients immediately. Working for such a specialised agency with a good reputation means we also receive many comment requests directly from journalists.

11am My account manager and I jump on a call with the French and German teams to discuss internal activity on a client. Then I prepare the weekly report which captures all our activity for the past week as well as all the coverage we have achieved for the client, which we then share with the client in the afternoon.

12pm – A large part of my role requires me to produce written content on behalf of our clients; this can vary from writing a press release or article pitch to reworking an article to make it exclusive for a publication. So if you are considering a career in PR you must enjoy writing – but remember this is mixed in with many other activities, unlike journalism where you would be writing all day long.

2pm – I come back from lunch and jump on a conference call with a journalist and a client which I organised last week. The journalist is interviewing the client and it is my job to make sure both are comfortable and have all the information they need.

3pm – There are constantly little odd jobs popping up, from editing images on Photoshop or managing a Twitter account to organising events and parties. We distribute these odd jobs between ourselves based on our individual abilities and interests and juggle them with our responsibilities to monitor news and produce content throughout the afternoon.

4pm – The client calls start. As most of our clients are based in the US, we only have a few working hours a day which overlap with theirs, so most of our client catch up calls are in the afternoon, which is often a nice relaxing way to end the day.

5pm – I finish off any admin such as updating the website or compiling all client comments into a comment bank.

So these are my main responsibilities as a PR account exec at Eskenzi, however my day is never really quite as structured as this as no one day is ever the same when you work in PR! Journalists call, clients decide to suddenly break a big story or a huge data breach happens and you have to drop everything to deal with it. Being organised and able to multi-task is essential. On top of that we also have events such as Security Serious Week and InfoSec to prepare for and although this can be stressful at times, it is nice to get out of the office and try new things within your role.

In terms of the general working environment, the Eskenzi office has a very relaxed atmosphere with no dress code and usually music playing in the background and we are given plenty of flexibility such as working from home, should we need to. There are eleven of us working here so there is a real family feel in the office; for example, we are taken out for lovely lunches to celebrate each one of our birthdays. Additionally, as you can see in the picture below, our gorgeous office certainly makes going to work more enjoyable.

IMG_6586.JPG

IE_Logo_Trash-970x546

So, week two of 2016 here at Eskenzi was most definitely no shrinking violet compared to last week’s phenomenal results!

This week, Microsoft released its final patches for Internet Explorer 8, 9 and 10 along with an “End of Life” notice, to encourage users to switch to Internet Explorer 11 and Microsoft Edge, currently only available on Windows 10.

These changes were originally announced back in August 2014, and it is estimated that these older, legacy browsers could account for more than 20% of web traffic. Computerworld reported that as many as 340 million Internet Explorer users are still using IE 8, 9 or 10! NetMarketShare estimates that Internet Explorer accounts for 57% of the browser market, compared with 25% for Chrome, 12% for Firefox and 5% for Apple’s Safari – That’s a lot of people using browsers that are now potentially unsafe, and can no longer be patched.

This means that Internet Explorer won’t receive any more security updates, or other patches. Those still using the browsers could be vulnerable to security threats and even hacks; depending on what other (if any) security software is installed.

A story of this type throws open the rapid response doors for Eskenzi clients, many of which had sound advice on what users, who still use Internet Explorer 8, 9 or 10, can do to ensure they stay protected, despite this news.

Four Eskenzi clients commented on this story – ESET, Tripwire, AppRiver and Bromium – and one from our sister agency, SmileOnFridays – Tenable, which resulted in over 250 pieces of coverage across National newspapers, business publications and trade press.  The coverage obtained was truly global, with publications in the UK, United States, France, Germany, Kenya, Japan, Ghana and Argentina (and many more!) reporting on the news with commentary from our clients included.

Hits include the BBC, The Metro, Business Reporter (included with The Daily Telegraph), BT, SC Magazine, Dark Reading and Yahoo! News.

Several journalists reached out to Eskenzi for specific commentary, as we are so well known to those who report in the security and technology space, knowing they would get great quotes to use in their stories, as well as sound advice for businesses and consumers alike.

We’re lucky to work with so many amazing clients who can, at the drop of a hat, pull amazing quotes and advice out of the bag. I wonder what week three will deliver.

2016-01-06-image-6

Black out's

The first week of 2016 has started AMAZINGLY well for the Eskenzi family of clients.  However, the client who has come out on top and gets a gold star from all of us here has got to be ESET, because they were responsible for uncovering a brilliant piece of research and announcing it just as everyone was turning up at work on Monday morning.  They discovered the BlackEnergy Trojan had been used by hackers to attack the Ukrainian electric power industry and left almost a million people without power over Christmas.  ESET were able to show through their own telemetry that this was not an isolated incident and that BlackEnergy had also been used to target numerous energy companies; however, not all of the targets had successfully been infected by the malware. 

The attack scenario was simple: The target got a spear-phishing e-mail that contained an attachment with a malicious document. The Ukrainian security company CyS Centrum published two screenshots of e-mails used in BlackEnergy campaigns, where the attackers spoofed the sender address to appear to be one belonging to Rada (the Ukrainian parliament). The document itself contained text trying to convince the victim to run the macro in the document. This is an example where social engineering is used instead of exploiting software vulnerabilities. If victims are successfully tricked, they end up infected with BlackEnergy Lite.

So once again something as simple as a phishing attack resulted in hundreds of thousands losing electricity! Crazy eh!

Although this is awful for the people affected and of course the power industry itself is exposed which isn’t good for anyone – it does hopefully mean that the power industry will learn from their mistakes and  take remedial action and make sure they protect their systems with better security in the future.  At the very least you would hope that any companies reading about ESET’s research will take note an ensure their staff are trained to recognise what a phishing email looks like.  See I’ve started the new year all full of hope and optimism!

From our perspective as a PR agency ESET is the perfect client.  They do the research, detection and exposing and we then do our job as their agency to get the story out to all our media contacts.  Research and exposing vulnerabilities makes headlines – it’s still one of the best PR hooks in the book – it’s real, original and newsworthy – it makes headlines!.

As a result ESET have got into almost every national newspaper this week including the FT, Reuters, Forbes, Metro, Telegraph, the Independent, Business Insider, the Register and International Business Times. 

Nice job done – thank you ESET for being a brilliant client – and let’s raise a glass (albeit an empty one, because it’s dry January) to plenty more discoveries from ESET and other clients during 2016.

Looking forward to week two!

 

 

will pr for food

Saul O’Keeffe – PR Executive @Saul_Eskenzi

PR is a notoriously competitive and popular career path for graduates. There’s any number of ways people manage to get on the PR ladder, but as a graduate with little or no experience, it can seem a daunting task.

The reason I chose PR was because I knew how to write and research new subjects quickly, as well as being an easygoing person who doesn’t mind being out of their comfort zone on a regular basis. In short it was a career path where I’d get to test my skills to their limits, while having a real chance of career progression. But the difficult thing is getting that foot in the door, then through said door and on the first rung of that butter-coated ladder.

I had never worked in PR before – I’d never even worked in an office before. So how did I get a job in PR? Some of it was down to skill, some of it to luck and a large part of it was just patience and hard graft.

My experience comprised of charity projects with the Houses of Commons, a degree in political science and a few years working as a violin maker’s apprentice. Speaking to my rivals at job interviews, it was clear that competition was tough and knowing how to build a cello probably wasn’t going to impress someone who wanted me writing press releases and scoring media interviews for their clients.

So I did what everyone in my position did and applied to as many roles as I could – but saw no success. I then tried applying prospectively to companies where no positions were advertised, again without success. Consistently being told I had to do an internship first or hold a PR degree was somewhat disheartening. Then I got some excellent advice – build a strong relationship with a recruiter and be as open and honest with them as you can. Tell them your true likes and dislikes and where you sense your weaknesses lie. That way, they respect your honesty and know how to find the right position for you.

The recruiter then suggested I look at tech PR. It fitted my goals as the industry moves fast, requires consistent effort and creativity and enables me to learn about an area where I had little working knowledge before. It felt like the perfect challenge for someone looking to cut their teeth in PR. I’d had a couple of interviews by this stage and was starting to learn what PR directors are looking for in their teams. It was not long after this conversation I was off to my first tech PR interview – and luckily for me it was at a company where I felt instantly at home!

So my path from university to Eskenzi was hardly a doddle, with some disappointments along the way and interviews that were a complete waste of my time. There were 3 main lessons I learned on my journey into PR:

  1. Make sure you’re applying for PR in the sector that’s best for you – play to your strengths and ask for career advice about where you need to be.
  2. Blanket applications do not work – trust me. Be focused and targeted rather than throwing the whole pot of spaghetti at the wall.
  3. Do not be daunted by rejection or failure – it is all part of the learning experience and it is something to be relished rather than regretted.

So good luck in your applications! One final thing: do not feel pressured into working for free just to get “experience” – experience doesn’t pay the rent! If you work for free, you’re conceding your time isn’t worth any money, which is just not true. Right?

 

Security Serious Photo Call Official Photo (small jpeg)

Thanks to the support of over 70 of the UK’s top cyber-security experts, the first ever Security Serious Week was able to help over 1000 businesses learn how to become more security savvy and cyber-aware, through the FREE week long webinar programme.

Security Serious Week which ran for the first year was introduced to encourage more companies to take security seriously by learning from those who are already security savvy – with the end game of making the Internet a safer place to trade online. Seventy companies offered their time and expertise for free throughout the week by providing webinars, seminars, Q & As and drop-in events on a wealth of cyber-security subjects.

All the webinars are still available to listen to on demand at http://www.securityserious.com

Yvonne Eskenzi, the driving force behind the campaign, explained, “In this cyber-hostile world, it’s all about joining forces to inspire one another to collectively take security more seriously and become more security savvy. The support that’s been shown for Security Serious Week shows that the IT security community are passionate about working together and passing on their knowledge to others in the battle to keep the hacking community at bay!”

Security Serious attracted a number of high-profile supporters from the UK’s leading businesses, universities, associations and government bodies – including: Unilever, BT, HP Enterprise Data Security, Canon UK, HSBC, Publicis Groupe and GlaxoSmithkline as well as many of the world’s leading IT security vendors.

To find out more about Security Serious, the organisations who supported the campaign visit https://www.securityserious.com

So, we’re 4 days in to the inaugural Security Serious campaign and it has been a huge success!

Bearing in mind that this is our first year, it’s pretty incredible that we got over 100 people to the photo call on Monday morning. At least 70 people stayed for the networking lunch, with many staying on for tea and even a bite of dinner!

Security Serious Photo Call Official Photo (small jpeg)

We’ve had some fabulous pick up too over Twitter and in the media. SC Magazine has posted up the picture of all of us in the park and so has PR Week!

http://www.scmagazineuk.com/are-you-serious-about-cyber-security-security-serious-week-opens/article/449326/

http://www.prweek.com/article/1370060/eskenzi-pr-kicks-off-rather-timely-security-serious-week

We still have loads of events going on the rest of this week, and all webinars that took place earlier this week are available on demand. Just head on over to the events page on the Security Serious website to check them out.

PR Case Study: How to Make a Killer Survey

survey2

You will need:

  • One great idea
  • One excited client
  • 1000 eager participants
  • A well written press release
  • Brilliant press contacts
  • A magic touch

In what was a genius light bulb moment for one of our senior account managers, she came up with the idea of carrying out a “cyber IQ test” on the UK public. The idea was pitched to our client ESET, who are working on raising their consumer awareness, and they loved it. So we created the questions for the survey and 1000 participants in the UK were tested on their cyber savvyness.

We then analysed the results and wrote an engaging press release which was pre-pitched to a select few journalists under embargo.  Luckily for us, Press Association loved the idea and wrote an article on it which got syndicated to eleven great publications including BT, Yahoo and Talk Talk.

To our delight, lots of other national newspapers such as the Independent, the Metro and the Sun also covered the story. The Daily Mail even asked us if they could publish the survey on their website for their readers to take the cyber IQ test themselves.

Fancy testing your own cyber IQ? Follow the link below and find out how you rank compared to the rest of Britain.

http://www.dailymail.co.uk/sciencetech/article-3279091/What-s-Cyber-IQ-Security-firm-creates-quiz-reveal-really-know-protecting-identity-online.html

Follow

Get every new post delivered to your Inbox.