Archives For author


It’s gone bonkers at Eskenzi PR since the New Year winning some awesome clients, selling out our IT Security Analyst & CISO Forum, being shortlisted for a UK Government award (I’m not allowed to say any more until it’s announced in April). So, we need to recruit for a wonderful, talented and brilliant account manager who can fit into our happy, dynamic and friendly agency!

We are looking for someone with:

  • Proven PR experience
  • Ambition and drive to progress
  • Prior B2B or technology sector experience would be ideal
  • A team player
  • Self-starter with the ability to inspire juniors
  • An interest in writing articles, blogs and press releases
  • Experience in social media as well as traditional media
  • Experience of developing and running impactful campaigns
  • An interest in cyber security
  • The ability and ambition to build strong productive relationships with clients and help them raise their profiles and grow their businesses.

Most importantly, you’ll be brimming with ideas, have a creative mindset and keen to develop your PR career with us.

In return you can expect:

  • Competitive salary, based on experience
  • Bonus opportunities
  • Pension scheme
  • Flexible working arrangements
  • A dynamic agency
  • Opportunities to progress and develop
  • Plus many more!

If this is you or anyone you know, please email a CV and covering letter to Yvonne Eskenzi





Data Privacy Day – or Data Protection Day if you’re in Europe – is upon us once again on Sunday January 28th. If peanut brittle can get its own day (yes, it’s true and if you’re reading this in real time then you can just make it), then why not data privacy and protection?  Data is serious business, and with more attention than ever before on data breaches and the resulting consequences, it seems right to take this opportunity to think about the data we make available online.

One of our clients, Tripwire, a leading global provider of security and compliance solutions for enterprises and industrial organisations, conducted a poll that asked “who are you most concerned about collecting your private information? The government, corporations, identify theft criminals, or online stalkers/harassers?”. Of the 315 who participated, the majority (40%) said they would be most worried about corporations stealing their information. Nearly a third (27%) said they were most concerned about the government gathering their critical data, whereas only a fifth (21%) voted for identity theft criminals as being their main concern. Only 12% were concerned about online stalkers and harassers storing their private information.

It says a lot that the overwhelming majority 315 people are more concerned about governments and corporations collecting their private data than criminals and online stalkers. It also strengthens the use case for the upcoming GDPR, as it shows that people are indeed concerned about how organisations are treating our personal information.

Tripwire experts have shared the following tips to keep your data private:

Tim Erlin, VP of Product Management and Strategy at Tripwire:

“Nearly the entire economy is geared to convince you that your data really doesn’t need to be private, and that you should freely share it. From social media, to loyalty programs, to smart home devices; all of these trends are built on the back of your data. Remember that it’s yours, and it’s valuable and you have a right to protect it and keep it private. That leads you to making explicit choices to share, rather than sharing by default. And maybe, that awareness changes a few of those choices.”

Paul Norris, senior systems engineer for EMEA at Tripwire:

“As everyday interaction with the world around us is becoming more reliant on computer systems, it’s even more vital that you should care and take action around your data privacy. These days, personal identifiable identification (PII) data can be stored at a lot of places ranging from local drives on laptops, through to portable media and cloud providers storing data online. It’s imperative that you maintain individual strong passwords for all your online accounts, so if one account is compromised, other accounts do not suffer. And as you will have so many passwords to manage, consider using a password management piece of software and enable two-factor authentication to add a layer of security to your solution.”

Tyler Reguly, manager of security research and development at Tripwire:

“Accept that your data is not private. Once you do that, you will find yourself less stressed when your data is inevitably breached. I have three rules that I try to live by:

-If they don’t utilize Amazon/PayPal for payments, place your order elsewhere.

-If you wouldn’t get it developed at the store, don’t take the picture.

-Don’t take risks with your primary PC. Restrict social media browsing to cell phones, tablets, and secondary PCs.

In the distant 1978, the world witnessed an extraordinary event – the birth of the first spam email. If you already knew that, I’m impressed. If you didn’t and you’re quite shocked, I’m with you. Although it wasn’t referred to as spam at first, the email was sent by Gary Thuerk, a marketer for the Digital Equipment Corporation, to several hundred users presenting information about open houses where people could check out or purchase the computers. And now, forty years later, our inboxes are heavily bombarded with spam emails promising great holiday offers, informing you that you’ve won the lottery or simply asking you to “click here”.  However, far from being a rather innocent, email marketing tool, spam emails have transitioned into a dangerous attack vector for cyber criminals, aiming to hijack your device and extort money, information or sensitive data.

The Evolution of Spam Emails

Spam hardly needs an introduction. It encompasses everything from ads for products or services, money scams, malware, phishing and so on. Nowadays, everyone who owns a smartphone or computer has experienced the frustration of receiving one of these random, sleazy and quite often weird emails. However, even though spam emails have been around for so long, they still seem to work. Spammer techniques have evolved to avoid new spam filters and thus, those messages still reach hundreds of thousands of people worldwide, many of whom fall for the them.

With the growth of the Internet and online platforms, spam has evolved from email messages to mobile texts and social media spam. Indeed, back in the day, email addresses were easy to harvest from website subscriptions and people were more willing to give them away. Eventually people got sick of irrelevant messages. And as email filters became more and more sophisticated, spammers had to find new targets and creative ways to get their messages across. Moving on to texts messages, spammers plagued mobile phones with unwanted ads or texts – the last one I got was about collecting my tax refund. What’s yours?

Nowadays, it harder than ever to obtain someone’s email or mobile number (unless they willingly give it, of course), so the prime targets for spam are social media accounts. Many of us have been followed by a fake account – a fake online identity used for purposes of deception – which send us texts and automatically comments on our posts (e.g. “Nice photo. Please check out X by following this link [link] or Please check you DM when you can).

How to Handle Suspicious Messages

Spam is cheap to send and it still works, so cyber criminals will continue to use it. Therefore, it’s important to understand how to recognize a suspicious email/message and approach it with caution. Here are some of our tips:

  • DON’T CLICK ON ANY LINKS (unless you’re 100% sure they are legit)
  • Use caution when opening any email attachments (attachments are often used as part of phishing scams).
  • Avoid downloading any programs/software on your computer
  • If the email is from someone you know (e.g. colleague or friend), but it still looks suspicious, make sure you double-check they actually sent it (by giving them a call).
  • Make sure you turn on the privacy mode on your social media accounts, so you can control who’s following you. This can help to shield you from fake accounts and their dodgy messages.

By Elizabeth Nikolova

Over the past few weeks, news of Bitcoin, the cryptocurrency, has taken the world by storm. Its valuation continues to smash through price barriers with the value of one Bitcoin rising as high as $18,000. Those who were lucky enough to be in the know and invested during the currencies infancy are said to have made fortunes since its dramatic rise. “For the love of Money” by the O’Jays will certainly be ringing out for them.


Naturally, this garnered immediate interest with news outlets around the world covering the minute-by-minute trading sessions while many in the general public, many of whom were hearing the term Bitcoin for the first time, wanted a piece of the pie.


But what is Bitcoin? How secure is it? Should I be investing? All valid questions that the everyday person on the street is asking… So, here is what you need to know…


Bitcoin is a digital currency, which is created and stored electronically. There is no physical form for Bitcoin – they are not printed. The details of any transaction made using the currency is recorded within an online ledger called the blockchain.


To generate Bitcoin, people use computer software to solve mathematical problems and in return can produce Bitcoin. This is referred to as ‘mining’. Even though it is said that only 21 million Bitcoin in total can be mined, in theory, anyone can join the online community and ‘mine’. As the software is open sourced, the mining activity and overall network can be monitored and regulated to ensure the network remains stable and secure.


To store Bitcoin securely, it is advised that the user acquires a security wallet, with the most common wallets installed either on the user’s desktop or on their mobile device. Each wallet is secured with encryption and accessed with a password.


However, like all things in life, there are negatives associated with Bitcoin. Bitcoin has a dark past and is a main currency used for illegal activity on the Dark Web – such as drug trading. In addition, the security methods have been plagued by a sequence of high profile cyber attacks, with the latest striking the Slovenian based Bitcoin mining marketplace NiceHash, where nearly $64m in Bitcoin was stolen.


Yes, the currency is increasing in value and yes, it is making a lot of noise but there are some that are sceptical. Many within the digital and financial industries are keeping a close eye on this ‘bubble’, which many believe will inevitably burst.


Like any investment, research into a product is always advised and bitcoin is no exception. This is an entry-level introduction to Bitcoin and the information provided should in no way give you the confidence to invest. So, do your homework before purchasing!

At Eskenzi PR, we believe PR is more than simply achieving press coverage. It’s about staying current in the industry and shouting about news that really matters. By sharing with the world your company’s voice and achievements around various social networks, we help keep you relevant, topical and in tune with the daily news discussion.

For our client FireMon, we send 3 stories in a twitter format (inclusive of hashtags and @’s) on topics relevant to the cyber security industry, which are then sent out periodically on the day from the company’s twitter channel. These can be tailored specific to the client’s own needs. We have also created a newsletter for FireMon to distribute internally which champions the week’s top coverage and the three top news stories from that week. This again helps increase overall viewership, shares of FireMon content and employee engagement.

In addition, any FireMon coverage obtained will be shared across Twitter and LinkedIn from members of the Eskenzi FireMon team to increase circulation and potential viewership. This helps boost FireMon’s overall Share of Voice which regularly pushes FireMon above their competitors. This is measured by our industry leading PR and social media analytics platform, TrendKite.

FireMon Overall Social Share of Voice comparison against competitors 1st January 2017 – October 31st 2017

Firemon case study

*Facebook, Twitter, Google+, LinkedIn and Pintrest are measured

TV is often considered the holy grail of PR, and one of the best ways for clients to really get noticed in the wider marketplace. As a result, we make great efforts to maintain regular contact and good relationships with TV producers for the various channels, and regularly get our clients interviewed on news programs offering comment about breaking news stories. But getting BBC Click to film and interview a handful of our clients at our offices for a special program about security was a rare highlight. Here’s how it happened…

Last May, as usual, we were busy contacting reporters in advance of the Infosecurity Europe trade show to offer interviews with our clients. We had managed to interest producers in speaking to a couple of clients but, as so often happens with TV, their plans changed at the last minute and we had to cancel. But we stayed in touch, and a few months later, we discovered that BBC Click was planning a special show about security to coincide with the annual DEFCON conference in Las Vegas. So it was a perfect opportunity to try and persuade them again to include some of our clients.

We had lengthy conversations with the producers about what they were looking for, and suggested some of our clients that might complement those storylines. As a result, the BBC Click team descended on the Eskenzi offices for an afternoon and filmed a series of our clients talking in-depth about pressing security issues. AlienVault and Cylance both discussed the growing availability of ransomware on the dark web, and demonstrated just how easy it is to purchase these exploits. Meanwhile, Positive Technologies demonstrated how easily a cash machine can be hacked via the Windows XP operating system that many of them use.

But the icing on the cake was persuading BBC Click to send a reporting team over to Newport, Wales, to film on location at Airbus CyberSecurity’s Security Operations Centre. The footage effectively captured the various services that Airbus CyberSecurity can offer, the types of customers that it works with, and the effectiveness of their SOC team at responding to global threats, like WannaCry. In short, it was a PR’s dream. Even better was the fact that, as a result of seeing the film, Airbus received an important inbound sales lead from a potential customer in the water industry.

The full program – Fear and Coding in Las Vegas – can be viewed here:

TelAvivAs a PR agency, we have one key indicator of our success: Coverage. If we can secure good quality, in-depth, and of course positive coverage for our clients, in relevant publications that complement their business goals, we can rest easy at night.

But how do we do this? All too often in the hyperconnected, globalised world of PR, we rely on sending clients comment opportunities which they then respond to for the media, who publish it. While this approach undoubtedly gets results, there are hundreds of other agencies across the globe playing the same game…So how can Eskenzi PR help their clients to get top quality editorial coverage, focused directly on them and highlighting their numerous successes?

One method which we’ve found success with in the past is to bring the media to the client, not the client to the media, in the form of press trips. This is a method which is particularly useful with an agency like Eskenzi, which has a client base with a global reach; It allows the opportunity to take press from all over the world to see our client’s expertise first hand.

One such trip is currently in the works with one of our clients, Imperva, to their offices in Tel Aviv, Israel. This press trip will be attending by influential tech journalists from all over the world, representing publications such as The Times, Dark Reading, The New Statesman, SC Magazine, The Times of Israel and Bloomberg.

Imperva, aside from being a major name in the global cybersecurity market, are also an invaluable player within the Israeli cybersecurity industry. Described as the ‘cybersecurity capital of the world’, Israel has been extremely proactive harnessing homegrown security talent in recent years, and huge brands like Imperva have provided invaluable support, advice and guidance to start-ups looking to succeed in the industry.

So, this press tour will allow Eskenzi not only to demonstrate Imperva’s expertise within their own company, but will also help to frame them as a force for good in the cybersecurity industry generally, helping to nurture and support the next generation of companies that will be striving to keep our data safe, and will also allow some of our key journalist contacts to enjoy a trip to a fascinating and fun location.

To find out more about Eskenzi PR’s latest press outing, watch this space!

The world of social media was rocked last week when Twitter announced that it would allow people to increase the length of their tweets from 140 to 280 characters. The move follows a trial among a small group of users during September, in response to criticism that it was not easy enough to tweet.

During the test period, only 5% of tweets sent were longer than the original length of 140 characters, and only 2% used more than 190 characters. But the social media site revealed that those who did use the longer tweets got more followers, better engagement and spent more time on the site, according to a blog post which detailed the findings.

But soon after the announcement was made, the Twitter backlash began, with newsfeeds quickly clogging up as people tried to experiment with the new format, often using up the characters with meaningless words and jokes. Many pointed out the changes they would rather have seen, such as a crackdown on hate crime, or the introduction of a chronological timeline and edit function.

But how could this change affect those of us working in PR? Twitter is another medium that we use to contact reporters about client news, and when we’re dealing with complex reports, then the additional characters might allow us to include a different angle or additional detail beyond the headline. The change should also be useful for social media analytics, giving us the potential to track influencers’ interaction with brands in a more meaningful way.

But the move could also spell trouble for consumer-facing organisations who deal with customer services on Twitter. Public complaints made in this way could soon become more detailed and potentially damaging for brands, and to diffuse potential crises it will remain key to respond quickly and take any damaging conversations offline where possible.

Any brand communicating with their customers via Twitter would do well to remember the Twitter backlash when the announcement was made. The platform has become popular as a micro-blogging site, and succinct communication is key – so it will be important to avoid any unnecessary words, and make every character count, to retain high levels of engagement.

Twitter currently has 330 million active users, compared to 800 million for Instagram and more than two billion users for Facebook. The change to 280 characters is part of Twitter’s broader plan to attract new users and increase growth.

If you’re in the security game, WannaCry is like celebrity deaths…You always remember where you were! I for one was in the office, frantically getting all the available information over to my clients so we could have a comment written, approved and pitched in a timely fashion.

Such was the same when the NAO announced at the end of October that the NHS could have prevented the WannaCry attack by taking simple cybersecurity recommendations. While this was admittedly terrible news for the NHS, it was great news for our Eskenzi clients! A nationally recognised government office, going on the record about the cybersecurity failings of another globally known, much-loved national institution was almost too good to be true. This is particularly useful for our clients as the report echoes the sentiments that expressed as the time of the original WannaCry outbreak back in May.

At this point, the Eskenzi ‘rapid response’ process ramped up a gear, with Eskenzi employees all over the globe mobilising to capitalise on the news, and allow our clients commentary to become a part of the news agenda around this story. Both the quality of the comments our clients can provide, and the speed and accuracy with which they are pitched to the media are all crucial factors to consider when dealing with a rapidly changing news agenda. Luckily for us, the combination of our excellent PR professionals and our clients’ sector-leading knowledge meant comments were quickly drafted and pitched from across the infosec spectrum. Some of our excellent client commentary on the subject is included below:

Javvad Malik, security advocate at AlienVault:

For many organisations, it’s not a matter of if, but when. Fundamental security controls and hygiene could have prevented, or at least minimised the impact of WannaCry on the attack. But perhaps even more telling is that while the Department of Health had an incident response plan, it was neither communicated nor tested. Without a clearly communicated and tested incident response plan, trying to make one up in the midst of an incident is a recipe for disaster.

It becomes increasingly important for all organisations of all sizes to invest in cyber security. It doesn’t necessarily need to be huge investments, but care should be taken that the fundamental security controls are put in places and validated, as well as testing an incident response plan.

Anton Grashion, managing director-security practice at Cylance:

“While it’s true that organizations could have prevented at least one recent ransomware outbreak through ‘basic IT security,’ such as regular patching, the fact remains that a treasure trove of weapons-grade malware has recently been made available to every variety of threat actor on the Dark Web. It’s easy to say that if recommendations were acted upon the effect would have been less, but there would still have been an effect because the initial malware infection had to be stopped as well – not something the recommendations covered.

“Regular patching is necessary, but not sufficient for preventing highly damaging cyber-attacks on networks. It’s still imperative for security teams to evaluate next-generation anti-malware technologies inside their own organizations to see what works best for their purposes against these increasingly sophisticated new malware types, which are regularly failing to be stopped by traditional security products. Indeed, there is still a large estate of aging operating systems in daily use in both public and private organizations and while it is advisable to migrate to more up to date versions it’s sometimes a decision on what else will be cut to upgrade. Better yet is to protect these platforms in the first place and buy some breathing space in which an orderly upgrade program can be executed when budgets allow.”

Stephanie Weagle, VP at Corero Network Security:

“Organisations operate un-patched legacy systems and no formal mechanism to effectively protect against the evolving landscape of cyber security threats is irresponsible.  Over a third of national critical infrastructure organisations in the UK (39%) have not completed basic cyber security standards issued by the UK government, according to data revealed under the Freedom of Information Act.  In order for the UK to become the safest place to do business, Critical Infrastructure must engage in cyber resiliency best practices, and proper security defenses.  To keep up with the growing sophistication and organisation of well-equipped and well-funded threat actors, it’s essential that organisations maintain comprehensive visibility across their networks, to instantly and automatically detect and block any cyber threat, including DDoS attacks.”

Edgard Capdevielle, CEO of Nozomi Networks:

“The National Audit Office’s report reminds us that cyber security is not optional, it needs to be part of regular operations. Clearly there is a high cost when regular IT system updates aren’t implemented and cyber security recommendations aren’t followed.

“Attackers continue to look for new and inventive ways to infiltrate organisations and infrastructure meaning global outages as Wannacry was able to realise could become increasingly frequent if left unchecked.

“The EU’s NIS Directive due to be implemented into UK law next May, those who fail to adequately protect infrastructure will be penalised financially.

“With ransomware – such as WannaCry, especially given its ability to reinfect connected devices, prevention has to be first and foremost. Applying artificial intelligence and machine learning for real-time detection and response, organizations can monitor for known malware infections and detect anomalous behavior that might indicate new malware variants enabling organization to rapidly discover and act to remove malicious code before harm is done.”

Gavin Millard, technical director at Tenable:

“In theory, Wannacry could have been easily prevented by deploying a freely available patch and restricting or removing a ubiquitous service called SMB from Windows systems that couldn’t be updated. In reality though, due to the complex networks in place, overlapping ownership of devices and systems that can’t be updated due to contractual issues with the suppliers, this was far from trivial to accomplish.

“To be resilient to further attacks of this nature, each of the NHS trusts has to ensure foundational security controls are in place and identify where improvements are needed. The UK government has already defined controls every critical infrastructure should follow with schemes such as Cyber Essentials and NIS. But to implement these guidelines effectively, investment is required into a public sector that is already severely lacking funds.

“As we become more reliant on IT systems for every aspect of our critical infrastructure, including healthcare, the impact of a major vulnerability affecting those systems shouldn’t be underestimated or the risks ignored. Putting in place a robust process for identifying all systems on the network and how vulnerable they are, are foundational security controls for a reason. Without this ability, networks will continue to be easily infected by ransomware like Wannacry”

For other coverage successes at Eskenzi, please go to

By Conor Heslin, Account Executive at Eskenzi PR

Many of us now rely on open source software for almost every aspect of our daily computing needs, from our web browsers (Firefox) to email solutions (Zimbra) and content management systems (WordPress).  These solutions make computing much more accessible and save consumers considerable amounts of money – a 2008 report by the Standish Group states that open-source software has resulted in savings of about £48 billion per year to consumers.  But, what drives the open source revolution? Why do people adopt this software and what does this mean for security?

From a user-experience and performance perspective, open source software works in the same way as proprietary software. However, open source software gives its users the transparency to access its code and the freedom to copy, change or improve it. What this means for security is that more people are looking at and testing the code, so if there is a problem it is more likely to get noticed faster and fixed before it causes any serious harm. Indeed, as the fix will be publicly available, other organizations can adopt it and shield themselves from the same problem. Whereas, in closed sourced software, no one outside the organization knows about the bugs or problems discovered in their code and often, it could even take months for companies to release a patch.

Open source software can be used to help solve cybersecurity problems by enabling individuals to share their knowledge on security issues and collaboratively come up with solutions for them. And because these solutions will be publicly available this means that anyone can reuse or even improve them. A great deal of the cyber security problems we face today have occurred due to bad design or the lack of knowledge about potential security threats. However, by openly sharing existing knowledge about threats, OSS can certainly improve the security landscape.

Indeed, the key elements of open source software are its openness and transparency. And it is precisely the lack of secrecy that create trust in users, developers and the organizations themselves. For example, when it comes to something as simple as the use of encryption software, which helps secure information, email/text messages or any other type of online communication, users are more likely to trust an open sourced solution than one that claims their code is indestructible.

On the other hand, open source software tends to be less “user-friendly” and may require more technical knowledge than proprietary software, because it essentially doesn’t aim at generating money. However, learning about open source software and how both organisations and individuals can benefit from using can be crucial for establishing the security and privacy aspects in information technology. It’s definitely an area worth exploring!

By Elizabeth Nikolova, Account Executive at Eskenzi PR