It’s a Matter of Trust: How Security Vendors can Build Trust using PR

Trust and communication are essential to a successful relationship, particularly in business. A company may have a market-leading product, but without the correct promotion, the target audience may be unaware of the brand – let alone trust them – and the offering is redundant. Unfortunately, security vendors aren’t immune to this. In fact, they feel this burden more acutely as they need to build and sell trust.

In light of Cybersecurity Awareness month, we are sharing some of the key takeaways from our survey that investigated buyers’ criteria for selecting a security vendor. It identified communication as a key influencer in securing trust. If you consider that almost 64% of C-Level executives cite cybersecurity as a top priority, you can see why these vendors should seriously rethink their communication tactic, if indeed they have one.

In the battle to win sales, perception is everything. In fact, over 70% of respondents highlighted that a vendor’s media presence is critical in building their trust and loyalty to a particular brand. This doesn’t mean that companies need to dominate the mainstream headlines. Prospects regard trade titles in high esteem as they comprise comprehensive, technical articles specific to their market. For vendors, although offering a fraction of the readership, trade publications provide a targeted approach, often resulting in stronger conversion rates. Manufacturers should also consider who to accredit the content to. Almost 60% of those surveyed favoured articles from technical experts such as CTOs, Security Directors and CSOs. With a deep understanding of the company’s solution, they are considered to have a personal responsibility in the quality and reputation of their company’s offering and therefore more likely to be trusted.

Trade titles are only one piece of the communication puzzle. Being present in industry analyst reports, participating at trade shows and publishing customer case studies all emerged as crucial factors too, indicating the importance of an integrated communication and PR strategy. In fact, almost 50% of respondents considered analyst reports as a reliable source when selecting a vendor. These, along with case studies, comprise informative, accurate and impartial information about a product. In the instance of a case study, this third-party testimonial shines an insightful light on how a particular solution is being deployed by an existing customer.

For many, this advice may seem obvious. Perhaps you’re already deploying PR to a degree although, it’s worth considering how a PR agency can quickly establish trust in your brand, helping you drive sales.

A good PR agency will have knowledge of the wider industrial landscape and relevant target markets, although a great agency will want to truly get to know your business and become an extension of your marketing team. This is in our DNA at Say. We’ve worked with many of our clients for several decades now, helping them to become the trusted provider in their respective fields which we will address in our next blog. For now, I leave you with one final consideration during cybersecurity month – it’s a manufacturer’s responsibility to build trust, while it’s an individual’s decision to trust in it. If you’re considering your marketing plan for next year and want to learn more about how we can help you become the go-to, trusted vendor, contact us.

Augen auf bei der EU-DSGVO: Gesetzliche Neuerungen im Bereich Videoüberwachung

So viel ist klar: Wenn im Mai 2018 die EU-DSGVO anwendbares Recht wird, drohen all denjenigen, die sich nicht an datenschutzrechtliche Vorgaben halten, empfindliche Bußgelder. Bei leichten Verstößen sind es zwei Prozent des weltweiten jährlichen Konzernumsatzes oder 10 Millionen Euro, bei schweren Zuwiderhandlungen vier Prozent oder maximal 20 Millionen Euro. Zum Vergleich: Aktuell werden bis zu 300.000 Euro fällig, erfüllt ein Betrieb nicht die gesetzlichen Anforderungen. Das Thema Videoüberwachung beispielsweise hält einige Aspekte bereit, mit denen es sich für Unternehmen lohnt, genau hinzusehen. Sonst kann es teuer werden.

EU-DSGVO

Die Datenschutz-Folgenabschätzung

Bisher regelt § 4 d Abs. 5 BDSG (Bundesdatenschutzgesetz) die Vorabkontrolle. Dabei handelt es sich um eine Prüfung von Datenverarbeitungsvorgängen, die bezüglich der Rechte und Freiheiten der Betroffenen ein hohes Risiko bergen. Aufsichts- oder betriebliche Datenschutzbehörden prüfen dabei die Voraussetzungen einer geplanten Überwachung auf ihre Rechtmäßigkeit. Die EU-DSGVO enthält einen vergleichbaren Passus – Artikel 35:Dort schreibt die neue Verordnung eine „Datenschutz-Folgenabschätzung“ vor. „Hat eine Form der Verarbeitung, insbesondere bei Verwendung neuer Technologien, aufgrund der Art, des Umfangs, der Umstände und der Zwecke der Verarbeitung voraussichtlich ein hohes Risiko für die Rechte und Freiheiten natürlicher Personen zur Folge, so führt der Verantwortliche vorab eine Abschätzung der Folgen der vorgesehenen Verarbeitungsvorgänge für den Schutz personenbezogener Daten durch.“ Artikel 35 Absatz 3c führt aus, dass eine solche Abschätzung beispielsweise immer dann erforderlich ist, wenn systematisch und weiträumig öffentlich zugängliche Räume überwacht werden. Bei der Datenschutz-Folgenabschätzung unterliegen die Verantwortlichen außerdem einer umfassenden Dokumentationspflicht, bei der sie beispielsweise die identifizierten Risiken nachvollziehbar bewerten und die Verarbeitungsvorgänge systematisch beschreiben. In Zukunft ist also jedes Verfahren genau unter die Lupe zu nehmen. Nur so können die Verantwortlichen entscheiden, unter welchen Umständen eine Datenschutz-Folgenabschätzung nötig ist.

Wann ist eine Datenschutz-Folgenabschätzung angezeigt?

Während einige Fälle in Zukunft schwer einzuschätzen sind, gibt es dennoch einige Situationen, in denen eine Datenschutz-Folgenabschätzung höchstwahrscheinlich notwendig ist. Es ist derzeit noch nicht möglich, eine Garantie zu geben, unter welchen Umständen eine Datenschutz-Folgenabschätzung zwingend ist. Aufsichtsbehörden werden gemäß Art. 35 Abs. 4, 5 DSGVO ermächtigt, Listen mit Verarbeitungsvorgängen auszuarbeiten, für die eine Datenschutz-Folgenabschätzung unumgänglich ist. Ob diese Listen vor Mai 2018 erscheinen, ist noch unklar. Doch wenn auch ohne Gewähr, soviel sei gesagt: Die Artikel-29-Datenschutzgruppe   ̶  das unabhängige Beratungsgremium der Europäischen Kommission bei Datenschutzfragen   ̶  ist der Meinung, dass eine Datenschutz-Folgenabschätzung angebracht ist, wenn beispielsweise der Straßenverkehr intelligent überwacht wird und Autokennzeichen erfasst werden. Auch die Überwachung von Mitarbeitern in Unternehmen erfordert eine Datenschutz-Folgenabschätzung. Die beiden Beispiele können als Anhaltspunkte dienen, wann eine Datenschutz-Folgenabschätzung durchzuführen ist. Prinzipiell gilt: Im Moment ist es noch nicht möglich, eindeutige Aussagen darüber zu treffen, wie bestimmte Paragraphen der EU-DSGVO tatsächlich auszulegen sein werden. Die Praxis wird es zeigen.

Is France the Promised Land for cyber security start-ups?

Today, cyber security has become a major stake for the world of tomorrow. The protection of personal data as well as the defence against cyber-attacks targeting businesses became top priorities. And everyone, from the most humble of individuals to the most powerful government, is concerned. Faced with a dizzyingly fast evolving threat, innovation has become a prerequisite.

Whilst countries such as the United States or Israel are known to be dominant in cyber security, France is becoming pivotal to the sector thanks to a focus on breeding agile start-ups.

A dynamic sector 

France currently has more than 110 start-ups or SMBs specialised in cyber security, which equals a little over 1,000 jobs. While these numbers seem a little low at first sight they are constantly increasingly, and the size of the market will probably more than double in the years to come.

Of these, around 60% entered the market to further develop existing types of cyber security technology such as network security or identity management. The rest are pushing beyond into new sectors and either creating new cyber security solutions or securing new technological uses for cyber security.

These start-ups and SMBs are not afraid of market consolidation. Despite strong competition in the cyber security sector, new entities are created each year, and we are seeing lots of new innovative solutions in the field of application security (Sqreen) or industrial systems (Yagaan, Sentryo and Seclab in particular). France is also very well positioned in the field of reverse engineering or cryptography with companies such as Cryptosense calling France home in part thanks to the French School of Mathematics, which allows start-ups and SMBs to have access to leading experts.

A favourable environment

In France, people have also taken full measure of the importance of cyber security, with numerous events that highlight and support innovative start-ups.

For example Assises de la Sécurité, which has become world renowned, has its own Innovation Award, for innovative SMEs and there is also the promiment innovation competition organised by Société Générale and Wavestone. These events also serve as matchmakers between start-ups and their investors which are mostly public and private players from the defence sector.

Les Assises de la Securite

In addition several government programmes, sponsored by the ANSSI, exist to support start-ups, such as the “Programme Investissement d’Avenir“, which invests €22 billion euros in research, the Cyber Defence Pact and the Young Innovative Company status which reduces R&D costs, social security contributions and corporate tax. Numerous other associations are present in France in the field of cyber security, such as the Alliance for Digital Trust, Tech in France and Hexatrust. To tie all of this together, there is the “France Cyber Security” label, created to promote national cyber security solutions in France and abroad and increase their visibility and use.

Thanks to all these aids and initiatives, cyber security start-ups are doing well in France. But there is still a lot more to do.

Exploiting its full potential

However, whilst France has 228 national incubators and about fifty start-up accelerators, none are explicitly dedicated to cyber security. This is a weakness that must be corrected as soon as possible, especially since some aspects of cyber security, such as “deception” (providing false information to an attacker to slow him down) are still relatively ignored in France, whereas Israel and the rest of Europe have made it one of their priorities.

Similarly, French start-ups are only located around a few cities: Paris, Lyon and Rennes for the most part, the rest being scattered in the south of France. It still lacks a real area dedicated to the field of cyber security, such as the UK’s cyber security hub in Cheltenham.

But for France, to distinguish itself at the global level, it is not the number of start-ups, but the export of these companies abroad that counts. Some, like Tetrane and Quarkslab, are already internationally recognised. Qualys and Linkurious are also two examples of start-ups that have been able to export themselves well. However, it is more of an exception than a rule. Many others have identified the same problem, an inability to communicate effectively. French start-ups are far from the level of their international competitors in marketing, and struggle to sell their ideas.

Improving the international transition, diversifying into all aspects of cyber security and creating an area dedicated to this field are some of the vital points for improving the efficiency of French start-ups. France is fortunate to have a pool of dynamic young bosses, a true culture of innovation and real support, from the authorities as well as the media, companies and industry. There is truly a card to play – it just needs to be played well.

Why Your Cybersecurity Should Get Physical for National Clean Out Your Computer Day

This week sees the 18th National Clean Out Your Computer Day, and while It may feel like awareness days are popping up everywhere, this is an important one to take notice of, especially if you value keeping your personal data private. After all, to a criminal your personal or work computer can be a gold mine. If a stranger were to get access to your PC, it is possible that they may even learn enough to steal your identity.

Most of the advice given around Clean Out Your Computer Day concerns a modern type of cleaning – however what is more important than a dust cloth and anti-bacterial screen wipes, is having a decent knowledge of data sanitisation. This includes how to clear your browser and download history, turn off the ‘remember me’ setting for your regular passwords and run anti-virus software to make sure your computer is free from malware.

Clean Out Your Computer Day

Continue reading “Why Your Cybersecurity Should Get Physical for National Clean Out Your Computer Day”

Cyber Security and Social Media – Not Just a Risk for Individuals but for the Companies Where They Work

It’s long been known that social networks are viewed by cybercriminals as rich hunting grounds. Using social engineering techniques, they can obtain information through posts and images from social media profiles to launch targeted phishing attacks. Counterfeiters are also using increasingly sophisticated methods to dupe consumers into purchasing fake goods through social media. Panda Security recently warned of a new online scam propagating through Instagram’s advertising platform, where discounts of up to 70% on leading clothing brands are targeted at users who through their profile are most likely to ‘bite the hook’.

social media security strategy

Continue reading “Cyber Security and Social Media – Not Just a Risk for Individuals but for the Companies Where They Work”

Data Privacy in the Age of Alexa

Reading the technology media coverage of both CES 2018 and the post-Christmas sales, it feels like smart devices are finally having their much predicted moment. Every consumer technology vendor seems to have their own take on the smart device, from Amazon and Google’s smart home hubs to Philip’s connected lightbulbs and Samsung’s internet enabled fridge. The rate of ownership of these particular devices may not be that high, with only 18% of UK households reporting owning one, however, if we include other connected devices such as wearables and smartphones, then it becomes very clear that these devices are appearing everywhere.

Internet connected devices have certainly made our lives easier and even have wide reaching potential for making our cities safer and more responsive for example through monitoring pollution and optimising traffic flow. Yet, as Data Privacy Day approaches, it is vital that we consider how all these devices will affect the use and collection of personal data.

Continue reading “Data Privacy in the Age of Alexa”

La France, terre promise pour les start-up de la cybersécurité

En France, la cybersécurité est une affaire de start-up. Le secteur, en pleine expansion sera d’une importance capitale à l’avenir. Dans la course à l’armement entre hackers et les RSSI, avoir la mainmise technologique est primordial. Heureusement, en France, le secteur de la cybersécurité est en forme… et en particulier ses start-up. Tour d’horizon de celles qui font la réputation de notre pays en la matière.

Continue reading “La France, terre promise pour les start-up de la cybersécurité”

A Monaco, les Assises de la sécurité grandissent et s’exportent

 Les Assises de la Securite

Pour sa 17 ème édition, les Assises de la sécurité, un évènement dédié à la sécurité de l’information, ont rencontré un succès inédit, que ce soit en termes de fréquentation ou de couverture médiatique.  Une amélioration due à l’intérêt croissant des entreprises françaises et mondiales pour la cybersécurité, au point que le salon s’exportera à Londres pour 2018. Retour.

C’est en tout début d’octobre, en plein mois européen de la cybersécurité, que se déroulaient les Assises de la sécurité. Organisées tous les ans à Monaco, ces dernières regroupent les meilleurs experts des SSI et proposent des conférences plénières, débats, ateliers, tables-rondes et autres espaces de rencontre dédiés aux éditeurs, constructeurs, opérateurs, sociétés de services et représentants d’entreprises.

Continue reading “A Monaco, les Assises de la sécurité grandissent et s’exportent”

Cybersécurité: des chiffres qui donnent le vertige!

Au cours des derniers mois, de multiples attaques par déni de service (DDoS) ou encore par des logiciels malveillants ont sévi un peu partout dans le monde. Le projet collaboratif Atlas révèle une augmentation assez franche des cyberattaques au cours du mois d’août en France : le pic des 28 000 attaques DDoS est atteint !

Image result for direct denial of service attack

Continue reading “Cybersécurité: des chiffres qui donnent le vertige!”

Security Implications of Blockchain Beyond Bitcoin

There is a new foundation being created for the internet, and it already looks like it will upgrade the very way the internet records and shares data. Moreover, many analysts believe this technology will shake up several industries, paving the way for user-to-user interactions without the use of a middle man. It’s called blockchain technology, and it was originally created to service Bitcoin transactions. But, what exactly is Blockchain technology?  Don and Alex Tapscott, authors of Blockchain Revolution, describe it as “an incorruptible digital ledger of economic transactions that can be programmed to record not just financial transactions but virtually everything of value.”

Blockchain

Continue reading “Security Implications of Blockchain Beyond Bitcoin”