A breach in the tech-dominated world is bad news for any business. Telum asked PR professionals to share how they educate their audience and important elements in a cybersecurity communications plan.

Stella Wong, Senior Consultant, Archetype (Hong Kong)
Know your audience. I think it is still the rule of thumb for every comms person, and it's no different when designing a comms plan for cybersecurity. SEA is a very diverse market and it’s crucial to understand your audiences. Regardless of whether you’re communicating to consumers, IT managers, CIO/CTOs, MNCs or SMEs, you first have to identify your key audience, put on their hats and think about their persona, behaviours, interests, and buying journeys. Once you have an understanding of your audience, you can then identify gaps and opportunities to engage them with your stories.
 
Also, don’t let the topic limit your creativity. Cybersecurity is quite abstract, it’s not easy to understand and can be perceived as dry, but it is increasingly important and impacts all our lives. If you think cybersecurity is boring, then it becomes boring. If you think cybersecurity is fascinating, it will become fascinating. At the end of the day, you want to engage your audience on an emotional level, so adding some colour, spice and a bit of excitement to your cybersecurity campaigns will help you do so. 

Feliciana Wienathan, Communications Manager - Consumer Products, Google Indonesia
At Google, we believe that protecting people’s privacy starts with the world’s most advanced security. This is why all Google products are continuously equipped with updated built-in security that automatically detects and prevents online threats, so you can be confident your private information is safe.

However, when it comes to privacy and security, one size does not fit all. People need to be empowered to create healthy, positive digital habits that are right for them. The key in communicating such important yet complex topic, is to create meaningful and helpful engagements that inspire them to take the simple first step. First, breaking this big and complex issue into relevant daily examples or cases that happened to people around us. Then providing them with simple, yet effective guidelines on how to protect themselves and their loved ones safe online, like our recent Safer with Google campaign called #P3KDigital where we collaborate with relevant governments and communities, sharing digital security “first aid” tips in short comic format.  

Illka Gobius, Managing Director, PINPOINT PR
When a cybersecurity incident occurs, communications teams and senior managers are often left completely in the dark, with no computers, email, telephones or access to the Internet. At times like this, organisations can suffer severe legal, financial or reputation harm if they say the wrong thing at the wrong time to the wrong person, or are seen to mislead the public in any way about the cyber incident.

The communications strategy determines what is said, who says it, how and when it is said, and who you say it to, ahead of an incident occurring. It should include protocol and the templates of materials to act with, and be printed in hard copy.

A threat assessment relevant to communicators should be made, because an organisation’s data exposure risks depend in part on what information is held in its database, which informs the communication plan when a cyber incident occurs.