Archives For author

Unsung Heroes Banner 2017Once again Eskenzi PR will run the Security Serious Unsung Heroes Awards in September to celebrate and reward all the great work that’s been done by the people at the coalface in cyber-security. That’s the real people who are daily saving our bacon!  If you know any customers, colleagues or friends who have gone above and beyond the call of duty NOMINATE THEM NOW!  It takes literally 2 minutes and is free to enter, free to attend and damn good fun!  It’s made possible by the kindness of some fantastic companies including Canon, GSK, ISC2, ie, Barracuda, Corero, Firemon, Gigamon, Infosecurity Europe, Lastline, Mimecast, SE Labs, itsecurityguru.org and Smile on Fridays.  These awards are about unearthing new talent and thanking all those incredible IT security professionals who work tirelessly behind the scenes doing great work.  Last year over 150 people attended the awards, we all had a real laugh as the awards weren’t stuffy, self-congratulatory or self-serving – just a fantastic networking event in a brewery (it doesn’t get much better than that), with goodie bags for everyone and great big trophies and fun prizes for the winners!  Go on be nice and make someone’s day:)

The categories can be found at https://www.securityserious.com/unsung-heroes-awards/

Thank you for supporting the awards.

124109-Happy-FridaySo Linkedin and social media is a funny one. I’m always cautious what I can and should write, because you never know what people will think – but I am in PR and I always say to my clients that you should blow your own trumpet when you can because no-one else will ever do it for you! I’m not going to blow my own trumpet, but I am going to do it for my staff!

Show PR is notoriously difficult. Clients always expect loads of press and analyst interviews at shows like Infosec, RSA & Black Hat – and yet in reality it’s a very hard task. In fact, it’s near on impossible with over 450 exhibitors at Infosecurity and everyone wanting to talk to the 80 or so press who are there.

Handling expectations is very important, so we always estimate around 5 interviews for an Eskenzi client but, in reality, we got on average around 7 – in fact one of our clients had 16 press briefings!  I think it comes down to the fact that we start reaching out to the press six weeks before the show, BUT only if we genuinely feel our clients have something to say! We will never waste a journalists time, especially when they’re at a show like Infosec as there are so many great keynotes, tech talks and networking events to attend.  So it’s our job to work closely with our clients to make their stories really compelling.

Well my staff worked tirelessly for six weeks, liaising with our clients on new research, great statistics and pulling in relevant senior people just so that the press felt it was worthwhile making the journey to Olympia which, let’s face it, isn’t in the centre of London. So this is why I’m so proud. I’ve tried for about 10 years to get Rory Cellan-Jones (who is the BBC’s technology correspondent) to come down to meet our clients at Infosec, but he’s never been interested!  Well, this year he did! In fact, alongside the BBC came ITV, Radio 4, LBC, The FT, Mail on Sunday, The Times, New Statesman, The Sunday Times, BBC World Radio and of course all our friends from IDC, Infosecurity, SC, Ovum, PAC and ISMG to name but a few.  In total, Eskenzi clients had in excess of 140 press, radio, TV and analyst interviews during Infosec, and the crazy thing is that the BBC, ITV and a handful of other press didn’t actually meet with anyone else but came just to meet our clients – how cool is that! Now you know why I’m feeling proud and happy! 

Rory CL @ Infosec

 Image: Rory Cellan Jones, BBC interview Giovanni Vigna, founder and CTO, Lastline

I also want to add (not just because the sun is shining and it’s Friday), but I love our industry and every time I go to Infosecurity and this was my 22nd I realise what a great industry we work in and what a nice bunch of people work within it!

 

I’m not going to lie it’s been quite a weekend. It all started just before 3pm on Friday when Conor, one of our newest members of staff, noticed a tweet saying the NHS had suffered a major cyber-security attack.  That’s when our Eskenzi rapid response service ended up on steroids!

We sent out a media alert informing the press that we had various cyber-security experts on standby to answer any questions they may have and help explain what was happening.  Our switchboard lit up and every major news organisation was onto us! Reuters, PA, Sky News, BBC WorldService, Talk Radio, Aljazeera, News Week, ITN, The Times, The Telegraph, The Mirror, The Sun – even GQ magazine (now that made me giggle as they’re a trendy men’s lifestyle magazine with lots of buff men with muscles!)

I’m proud to say that our clients who have many of the world’s most experienced and knowledgeable cyber-security experts jumped into action to offer their advice and expertise – together with the Eskenzi team, everyone worked throughout the weekend responding to requests from the press, answering a myriad of searching questions – that clearly the NHS were unavailable to answer.

In fact, it was our clients the press turned to for informed commentary when it would have been better if the NHS had fielded a spokesperson to interview who had insight to offer and intelligence to share – but sadly this didn’t happen! This is why organisations need to have contingency and crisis plans in place that are specifically to respond to a cyber-attack as, sadly, the likelihood is that these occurrences are going to become more and more frequent.  The CISOs or head of Information security in major organisations need to be media trained as these are the guys we want in-front of the camera, on the radio and quoted in the press! We want assurances from the people that know, not ill-informed, ignorant civil servants or ministers who in the NHS’ case hadn’t the faintest idea what they were talking about.

 The corollary of this weekend’s event is really in my mind to celebrate the brilliant men and women in cyber-security who work tirelessly everyday to avert more frequent disasters such as the one we saw this weekend.  When I speak to them regularly, they always inform me of how susceptible we are to legacy systems that are so old they are disasters waiting to happen.  I know that behind the scenes it’s these guys that are stopping disasters happening more frequently.  A bit like the counter-terrorism special unit, who we never hear or see from because they too are regularly gathering intelligence to avert disasters.

We need to attract more people into our industry and fill the skills gap. It’s suddenly become a lot more exciting and events like this, I hope, will make it alluring to students wondering what career to pursue.

Gartner predicts that by 2020 we will have 13.5 billion connected devices, so can you only imagine what will happen when these don’t have security built into them – it doesn’t matter how many fantastic security folks we have working to identify the malware and breaches the manufacturers need to take responsibility for security.

The sterling job that our cyber-security industry display day after day and how a security researcher who goes under the name of MalwareTech together with Darien Huss from Proofpoint who worked through the night to kill WannaCry,  reminds me why we decided to run the Security Serious Unsung Heroes. 

If you know of anyone who should be nominated as a Security Serious Unsung Hero please do nominate them here.

Apart from chasing the story this week, I’m sure we all have some story of how we were personally effected by the effects of the malware. In my case, my mum was cooking dinner for 16 of us and she caught her finger in the blender and had to go to A&E to get it stitched up, but had to wait so long because the effects of WannaCry, she ended up strapping it up herself with the help of my retired GP brother-in-law and a few steristrips.  Saying that my mother, who is a trouper, came back and continued chopping with one hand to finish off dinner.  I helped her chop with one of my spare hands, whilst the other was being used to arrange interviews with the press!!! Oh what fun to be a multitasking PR women.   At the same time my niece who is working as a junior Doctor in orthopaedic trauma ended up having to run around the hospital chasing down the oldest computers as they were the only ones still working to print out patient notes and look at X-rays in the old-fashioned way by holding them up to the light which of course they no longer teach at med school.

So this won’t be the first or the last of these kind of breaches – what next, power stations or water supplies?

RockStarsCybersecurityCircleBadge

working together

So here’s a thing, apparently when you brainstorm most of all the good ideas come out in the first 10 minutes – so DON’T drag it out. If it’s getting boring and everyone is chattering aimlessly forget it – reconvene and do another 10 minutes another day.

I learnt a lot yesterday on my afternoon off at #CASSINNOVATE. It was an innovation and entrepreneurship conference hosted by CASS Business School – now that’s a cool place, in the hottest part of London, just by the Silicon Roundabout in Old Street. I love the vibe there as it’s where all these “youths” call themselves “founders” of “incredible start-ups”. In the coffee break it was quite sweet really – lots of earnest, keen, bearded soles all keen to shake hands and “network”.

Actually, that was the best bit of my afternoon – the session on “leveraging the power of reciprocity” – what the hell does that mean we giggled to ourselves – as my oldest daughter Jazzy and I wondered nervously into the session. Infact, she was the real reason I was there, one of the head lecturers David Gauntlett, who is Professor of Creativity & Design at her University  – Westminster University, and sadly who she’s never actually had a lecture from, invited her to hear him speak at another University – weird that!

Anyway, we gingerly entered this weird sounding lecture on reciprocity and got handed tons of yellow post-it notes – now I am a bit partial to a post-it note so I was really excited as to what was about to happen. Well the gentle and very animated Dr Santi Furnari asked us all to start writing requests such as “anyone know of a creative graduate that has exceptional writing skills” or “I’m looking for an app designer” and “can anyone give a talk on exporting”. These were put on the white board and then the room was asked to offer their help.  Incredibly 3- 4 people could help per request.  Dr Santi said that this is what happens normally, for every request you put out there amongst your network you’ll find that 3- 4 people will be able to help you.

Now that’s pretty AMAZING. It was incredible to watch total strangers offer tangible and real offers of help.  So I think we should all try it – LinkedIn is the perfect networking platform to give it a go.  He said it doesn’t fail, it’s scientifically proved.

It’s all part of the Reciprocity ring and there are Reciprocity events – I’ll have to google them now because I love that idea of my network helping me and me helping my network more when someone needs something. So let’s try his theory – does anyone know a good hotel in Greece this summer?

And more importantly I’m now ready for next afternoon off!

happy-21-birthdayYou know when you think about starting something you don’t really have a game plan in mind – well I didn’t.  It was the 1st September 1995 and I’d just taken a gap year aged 31 with Neil Stinchcombe, my husband and partner in crime.  It wasn’t the “done thing”; we had a mortgage, great jobs, were really at the height of our careers and all our friends were settled down and onto their second child!  Neil swore after travelling he’d never go back into Accountancy, but he did (for the first two years and then saw the light and came and joined me).  I sat at my desk on Monday 1st September and started writing to everyone I knew to see if they needed PR! The first job that came in was a mate on The Sun newspaper who got me going. It’s always a mate that helps out in the beginning, right? I’d worked at News International doing PR and marketing for its new exhibitions division, so it was a natural lead.  My next big break came from a friend who had just starting working at Reed Exhibitions on this really very alien sounding event called Infosecurity Europe – what the hell were IT security, viruses, firewalls, networks, routers? You’ve got to be kidding me!  However, they’d taken on a PR agency to launch it, but they hadn’t the faintest idea how to launch exhibitions – now that was something I’d had lots of practice at!  One thing I knew was how to pull in the crowds, so I convinced the FT to write a whole page on cyber-security frightening facts and hey presto, the rest is history – Eskenzi PR had begun its journey into the unchartered world of IT security. With very few other agencies venturing into that space – little did I know that would be our calling for the next 20 years.

Eskenzi retained Reed Exhibitions for 17 years – not bad considering they were our second client ever.  To be honest, tech was never my calling, you just have to know me to realise that clothes, jewellery and interior design is really where I should have spent my misspent youth, but the people in this industry have been incredible.  It’s a real community of decent, down to earth, genuine people who have been good to Eskenzi PR and we’ve had nothing but fun for the past 21 years.

In that time, we’ve gone from viruses and firewalls – gosh that was a wee bit boring, to fantastic hacks and breaches, state on state sponsored attacks, malware, bug bounties you name, we’ve got our clients talking on it – and hey what do you know – suddenly what we do in the cyber-security industry is exciting. That sure wasn’t predicted or planned!  It was just fluke that we ended up in the most exciting, happening industry far more fun than doing plain old PR promoting the local shop or next big launch of a hand-bag!  How much more fun to be talking about squirmy, dangerous bugs that could spell disaster and eat up your phone!!

It’s all about turning geek speak into real speak and making it clear for everyone to understand and to be honest I think that’s stayed within the Eskenzi DNA – we think national press before thinking techie press!  Not a day goes by when we’re not dreaming up a way to present our clients in a way that will appeal to the masses – we always think first “will this appeal to our friends and our mums and dads?”   Our mantra has always been to turn our clients’ dreams into reality – it seems very corny written down in black and white but it’s true – if you can, why not and to be honest? It’s a simple equation – Happy CMO + Happy Board = Happy Days!

So from 21 years ago when I set up in my dining room, soon to be pregnant with daughter no.1, closely followed by daughter no.2 (which then required husband no.1 to join me to grow said business), we grew out of the dining room, built a loft, grew out of loft no.1, moved to house no.2, built loft no.2, had 17 happy years in loft no.2, until our neighbours had had enough and we had to move out!  This actually was the best move possible, because we’re now in our incredible HQ in North London, just around the corner from house no.2.  For those that have never been here, it’s a converted 2 storey Victorian warehouse which we’ve totally stripped, modernised and put windows everywhere, with huge tall ceilings, lots of colours, art and chandeliers.

Apart from our great offices here in London, we now have a brilliant team in Paris, Munich and San Francisco – that’s a team of 25! Not huge, but perfectly proportioned with just over 20 clients who have stuck with us for an average of 7 years.

We’re also not just about PR as we just can’t help ourselves getting stuck into doing fun things!

So next year we will be arranging our tenth IT security analyst & CISO forum which is 3 events rolled into one, we’ve got the www.itsecurityguru.org which is a news site that captures the top 10 stories of the day and we’re running for the second year Security Serious Week.  Boy that’s coming up fast and furiously with the intention of encouraging people to enter our lovely industry, get security specialists offering their time for free by doing 40 webinars so UK Plc is more security serious and we have the Security Serious Conference taking place on 3rd October at the Department of Culture Media and Sports.  As if that’s not enough, just because we’re suckers for trouble, we’ve also decided to organise the Security Serious Unsung Heroes Awards on 4th October which is all about recognising the people, not the products, who work tirelessly behind the scenes saving our bacon but rarely get rewarded for it!  Tickets for both events can be found at www.securityserious.com or click here.

Looking back over the past 21 years I can say it’s been the best journey ever, making the most incredible friends along the way, enjoying working with some wonderful clients and of course having the smartest team in the world, making it a pleasure to wake up in the morning and come to work.  To all those that are part of the Eskenzi family, we would like to say thank you for being with us on this journey and I hope we can enjoy plenty more happy and successful years to come!

hero

Eskenzi PR have once again decided to run Security Serious Week from 3rd TO 7th OCTOBER to encourage UK Plc to take security more seriously. The whole ethos of Security Serious Week is to garner the cyber-security community to give something back and encourage others to take security more seriously in the hope that together we can create a more secure environment to do business and ultimately act as an enabler to make UK PLC a safer place to trade online.

During the inaugural Security Serious Week last year, over 3000 people took advantage of the 45+ webinars and over 100 people came together for a photocall outside the Tower of London to show that they are “Security Serious”.

This year we are introducing two new events to run alongside the Week.  The first is a Security Serious Conference; on the morning of 3rd October the second is the Unsung Heroes Awards on 6th October.

The Conference will be held for free for 80 business influencers and end users at the prestigious Churchill Room at the Department of Culture, Media and at 100 Parliament Street. The theme of the conference will be around security awareness and run 3 key sessions:

  1. Changing the Culture of UK Plc to “Think before you Click” – making security awareness sticky and fun – a number of CISOs will present on how they are managing to do this within their companies, including GSK, Canon UK, Publicis and The Economist
  2. Top 3 things to make the board sit up and take security seriously – including the importance and changing role that GDPR will have on your business
  3. Why you should you hire a hacker – with speakers such as Jennifer Radcliffe, a well known social engineering expert, Ian Glover head of CREST and Pete Wood, an ethical hacker.

If you would be keen to be a speaker or indeed attend, please email saul@eskenzipr.com.

The Security Serious Unsung Heroes Awards

These awards are taking place for the first time this year on October 6th in Spitalfields to celebrate the people, not the products, who work tirelessly securing UK businesses, Government and the national critical infrastructure.  These are the women and men who have on numerous occasions saved our bacon, from companies being brought to their knees by a breach or a continuity disaster.   There will be no fees to enter the awards or indeed if nominees are shortlisted, they won’t have to pay to come to the awards night either. In order to make this financially viable, we have 10 sponsors paying to cover the costs of the event, including Mimecast, Acumin, AlienVault, Netskope, Lastline, whiteCryption, Imperva, CrowdStrike, Publicis Groupe, Varonis, Proofpoint and GSK.

The whole ethos of Security Serious Week is to garner the cyber-security community to give something back and encourage others to take security more seriously in the hope that together we can create a more secure environment to do business and ultimately act as an enabler to make UK PLC a safer place to trade online.

THE DEADLINE FOR THE UNSUNG HEROES AWARDS HAS BEEN EXTENDED TO FRIDAY 22ND JULY SO IF YOU THINK YOU ARE DESERVING OF AN AWARD OR WOULD LIKE TO NOMINATE SOMEONE WHO IS please go to www.securityserious.com.

 

RAINBOW

Do you remember the day when you got your dream car? How much fun you had driving around in it!  Then, slowly, the feeling started to wear off and you wanted something shinier, faster and smarter!  In fact, if you’re in sales, you’ll know that feeling you get when you are chasing the next big deal you get a huge kick when you bag it, but it only lasts a while before you’re after the next deal.

 

Well PR is a bit like that too, where you are constantly striving for, and demanding, the next big piece of coverage – the big national, TV or radio placement!  The pot of gold at the end of the rainbow! No longer are we just happy with getting into the trade publications; we don’t feel like we’ve achieved true greatness unless we get into the nationals.

 

It’s an addiction! An obsession! And we suffer from it here at Eskenzi!  What’s even worse our clients also suffer from it.  It’s totally contagious, chasing the next big story for that fantastic fix. You get it once and you want more and more!

 

The funny thing is that most of our clients come to us very disheartened about PR. They’ve often been let down by their PR agencies, and don’t really believe that they can get great press coverage day in and day out!  So, when they initially start with Eskenzi PR, they are delighted when they get into the likes of SC Magazine, Infosecurity, TechWeek Europe, ComputerWorld and Computer Weekly.  But then they want more! They start loving the idea that they’re seeing hits to their website going up day by day and then peaking when they get a great piece published.  Then they get into the likes of The Register, V3 or TechCrunch and still want more! Their sales teams start congratulating the marketing and PR teams, which we all know is virtually unknown for sales to do, because when they turn up at meetings prospective customers have heard their company name and are happy to talk to them.  They see the power of PR.

 

Then the icing on the cake happens. We get them a hit in the FT – the golden chalice!  Everyone jumps for joy!  They send out emails to the company, their customers and go home feeling proud that they’ve done a great day’s work!  It’s just the best feeling in the world – a buzz that nothing can compare to!  Then they want even more, we want more and so it happens. The next week’s coverage is just ten nice hits in the trades, but they want the nationals,. In fact they want TV.  And we then have to remind them that PR is all about peaks and troughs –good constant regular coverage in the tech press is just as important as the giant, circulation nationals!

 

Thankfully, at Eskenzi we can provide balance at the same time as maintaining our clients need for the big high!  Maybe that’s why our clients stay with us for an average of seven years.

 

This week alone, we got three clients mentioned in the FT, three different ones mentioned in the Guardian and The Times, and ITV are doing a programme with one of our clients next week. That is all on top of 330 pieces of coverage this week in the trades (and we’re talking The Register, Huffington Post, BBC.)

 

This week is no different to any other – I’d actually say it’s been quite a quiet one, as some weeks we can get 120 hits in one day! I hope, though, that we never get tired of the kick we get for our clients, nor should our clients ever get blasé with the coverage – we love it, we’re proud of it and I know they are too!  Who’d have ever thought that IT security PR would be such fun  and keep providing the constant buzz it does?!

Black out's

The first week of 2016 has started AMAZINGLY well for the Eskenzi family of clients.  However, the client who has come out on top and gets a gold star from all of us here has got to be ESET, because they were responsible for uncovering a brilliant piece of research and announcing it just as everyone was turning up at work on Monday morning.  They discovered the BlackEnergy Trojan had been used by hackers to attack the Ukrainian electric power industry and left almost a million people without power over Christmas.  ESET were able to show through their own telemetry that this was not an isolated incident and that BlackEnergy had also been used to target numerous energy companies; however, not all of the targets had successfully been infected by the malware. 

The attack scenario was simple: The target got a spear-phishing e-mail that contained an attachment with a malicious document. The Ukrainian security company CyS Centrum published two screenshots of e-mails used in BlackEnergy campaigns, where the attackers spoofed the sender address to appear to be one belonging to Rada (the Ukrainian parliament). The document itself contained text trying to convince the victim to run the macro in the document. This is an example where social engineering is used instead of exploiting software vulnerabilities. If victims are successfully tricked, they end up infected with BlackEnergy Lite.

So once again something as simple as a phishing attack resulted in hundreds of thousands losing electricity! Crazy eh!

Although this is awful for the people affected and of course the power industry itself is exposed which isn’t good for anyone – it does hopefully mean that the power industry will learn from their mistakes and  take remedial action and make sure they protect their systems with better security in the future.  At the very least you would hope that any companies reading about ESET’s research will take note an ensure their staff are trained to recognise what a phishing email looks like.  See I’ve started the new year all full of hope and optimism!

From our perspective as a PR agency ESET is the perfect client.  They do the research, detection and exposing and we then do our job as their agency to get the story out to all our media contacts.  Research and exposing vulnerabilities makes headlines – it’s still one of the best PR hooks in the book – it’s real, original and newsworthy – it makes headlines!.

As a result ESET have got into almost every national newspaper this week including the FT, Reuters, Forbes, Metro, Telegraph, the Independent, Business Insider, the Register and International Business Times. 

Nice job done – thank you ESET for being a brilliant client – and let’s raise a glass (albeit an empty one, because it’s dry January) to plenty more discoveries from ESET and other clients during 2016.

Looking forward to week two!

 

 

Security Serious Photo Call Official Photo (small jpeg)

Thanks to the support of over 70 of the UK’s top cyber-security experts, the first ever Security Serious Week was able to help over 1000 businesses learn how to become more security savvy and cyber-aware, through the FREE week long webinar programme.

Security Serious Week which ran for the first year was introduced to encourage more companies to take security seriously by learning from those who are already security savvy – with the end game of making the Internet a safer place to trade online. Seventy companies offered their time and expertise for free throughout the week by providing webinars, seminars, Q & As and drop-in events on a wealth of cyber-security subjects.

All the webinars are still available to listen to on demand at http://www.securityserious.com

Yvonne Eskenzi, the driving force behind the campaign, explained, “In this cyber-hostile world, it’s all about joining forces to inspire one another to collectively take security more seriously and become more security savvy. The support that’s been shown for Security Serious Week shows that the IT security community are passionate about working together and passing on their knowledge to others in the battle to keep the hacking community at bay!”

Security Serious attracted a number of high-profile supporters from the UK’s leading businesses, universities, associations and government bodies – including: Unilever, BT, HP Enterprise Data Security, Canon UK, HSBC, Publicis Groupe and GlaxoSmithkline as well as many of the world’s leading IT security vendors.

To find out more about Security Serious, the organisations who supported the campaign visit https://www.securityserious.com

logo-date+slogan(banner)

Just back from my hols and it’s heartening to see that whilst I’ve been away so many great movers and shakers in the IT security world have signed up to get involved in Security Serious Week in October. So many of the CISO community have already committed their time for free to offer seminars and webinars on a host of great subjects including Unilever, BT, Canon, Lloyds Bank, HSBC, GSK, Publicis Groupe, Markit, Willis and The Economist to name but a few!  Our loyal analysts including Ovum, Quocirca and IDC are on board and yesterday I was delighted that the Department for Culture, Media and Sports have agreed to get stuck in with events during the week and rally other Government departments to do so too – way to go!  The week should be incredibly insightful to any organisation wishing to become more security savvy!  So if you’re an IT security specialist or IT security organisation that wishes to impart your pearls of wisdom to other businesses to make them more Security Serious then why not organise a webinar or seminar. We’ll promote it for you on www.itsecurityguru.org and www.securityserious.com.    We’ve also got loads of companies participating in the press photocall at 12 noon on 26th October outside the Tower of London (find out more at www.securityserious.com) – where everyone will have a banner with their logo on it to show the world they’re “Taking Security Seriously”.  By participating in the day not only will you be counted as a company that’s Security Serious but it’ll be a great networking event as we’re all going to meet in the pub after the photocall – CISOs, analysts, press, vendors and other IT security professionals.  Hopefully, by getting together new contacts will be made and we can work together to make UK Plc a safer place to do trade Online! If you want to brainstorm how you can get involved then email me Yvonne@eskenzipr.com!