Welcome back, cyber junkies.

It goes without saying, but May was a blizzard of cybersecurity stories, specifically on ransomware as a result of the Colonial Pipeline hack. Coverage volume of the term “cybersecurity” increased 55% from April to May, and year-over-year volume was up 95% from May ’20 and 56% higher than May ’19. The term ranked #7 this past month (unsurprisingly) – up from #12 last month and ransomware stories also shot up to record levels with ~80K stories.

While I’m sure you have heard enough of the Colonial Pipeline hack, there were some key takeaways from a PR perspective that are important to note:

First, if you’re working with cybersecurity companies, it’s important to anticipate the next big hack. Critical Infrastructure attacks have happened before, and they will continue to happen. It’s important to have approved messaging that can be released when these attacks occur and it’s equally important that the messaging provides added value – ie: it’s not just stating the obvious.

That brings us to our next point: while many companies instinctively want to react to every hack, it’s important to know when to say something and when to stand down. Besides coming across negatively to the media, reacting to every hack can be counterproductive. If you have a unique POV, or relevant data to share, speak up. But be strategic in your approach, because the media knows when you are ambulance chasing and may decide to

pass on your email next time, when you might have something valuable to say.

Lastly, while these hacks will unfortunately continue and media stories on them will ebb and flow, I recommend you take advantage of the time when the spotlight may not be on cybersecurity. Sit down with your client to get their POV on relevant cyber topics like ransomware attacks, public policy proposals, or the latest threat vulnerability and have those insights at the ready to ensure that your next conversation with media is that much

more fruitful.