Safe and Secure: How Security Industry Marketers Tell Stories Without Spilling Secrets

We all want to be brilliant brand storytellers and create content that shows our audiences the best value our industry has to offer. But what sort of stories are you meant to tell if you can't talk about what your company does? What's a security marketing strategy meant to look like?

Yes, security: that wide world of intriguing hackers in dark basements and men in trench coats with code names. Of course, the truth is far less James Bond, but that's what our imagination conjures when we hear the word "security."

This aura of mystery around the work can pose an issue for those marketers in "secret" industries. Marketers in cybersecurity, for example, are looking to match their products with customer needs, but they can't exactly go into the details of what services they've done for others because it's often a matter of national, financial, or corporate secrecy.

We're talking about more than industry secrets; it's secret industries.

Surely these marketers exist on a different plane to the rest of us, wrestling with long lead times and tricky approval processes, unable to get a good named case study because such-and-such company (or country!) won't go on the record. Yet . . .

"Marketing in cybersecurity is not as tricky as you may think. In fact, it works very much like in any industry," says Jake Moore, security specialist for top European internet security company ESET. "Few companies give out their top company secrets in their PR, and in cybersecurity that's just as important.

"I work in PR, so the best way to communicate with our users and potential clients is to promote confidence in the Internet and ways to overcome threats. There are daily vulnerabilities in cybersecurity, but my job is to build people's immune system to such threats and strengthen the use of it so the cybercriminals do not win."

It's Not All Reactive

And Moore knows what he's talking about when it comes to security. Formerly with the Dorset Police, he's investigated computer crime-spanning murders to missing people-in the digital forensics unit and learned how to ethically break security to help protect the innocent. Now a cybersecurity consultant, he uses storytelling to weave in his experiences with the police to get his message to stick.

Image attribution: Park Geon-Hwan

"With so much in the news about cybersecurity, there is a constant requirement to break down any heavy story so consumers can be given education and make use of any story. For example, when British Airways was hacked, we gave plenty of information out so people didn't panic immediately. It comes from a safe and trusted source at ESET-me!"

Here we stumble across our first misconception about the security industry: By the nature of the sector, all content produced has to be reactive. Moore says ESET takes a two-pronged attack.

"We constantly have to react to any hackings that are being mentioned in the news-which seems to be a daily occurrence-and this is where time is of the essence. We have to respond extremely quickly if we want to be the company used by media, offering the awareness advice on what to do and not to do in the situation given.

"Proactive campaigns are the slow burners yet tend to get bigger results. We recently covered a story questioning whether phones should be banned in schools, and it resulted in me giving 23 back-to-back radio interviews, hugely increasing our brand awareness."

Telling Security Stories

Content marketing can and does work in cybersecurity. IBM Security has perfected the art of proactive storytelling with its SecurityIntelligence portal. Founded in 2013 with the goal of showcasing IBM's expertise in the cybersecurity arena, it's staffed largely by IBM's own subject matter experts. These people understand the challenges security professionals struggle with every day because they are right there with them.

SecurityIntelligence aims to "make life easier for security professionals of all levels by giving them the resources they need to perform their jobs and keep their companies and clients secure," says digital marketing manager Jennifer Tullman-Botzer.

"It's true that there can be certain sensitivities when a new breach or vulnerability is announced, and we need to be responsible and make sure disclosure processes are followed as required," she says. "But beyond that, cybersecurity has really become a mainstream topic over the past few years, and not only are there few limitations on what we can talk about, but there are more and more people looking for information on security and trying to gain a greater understanding of the threats we're confronting.

"IBM Security is strongly committed to the ideas of openness and data sharing. We believe that today's cybersecurity challenges demand cooperation and collaboration both within and among organizations. No single company can solve the problems and threats we're facing. Open communications and information sharing really is the best path forward."

Sharing information openly and transparently is the antithesis of the stereotypical security company. Yet more and more companies are following IBM's example by telling stories to engage audiences and build trust in their brands. Tullman-Botzer talks about a content series currently underway at IBM Security, Voices of Security, which launched in August.

"The series is seeing great results and is also one of my favorite projects we've ever done," she says. "Earlier this year we conducted some research and found that many cybersecurity professionals think of themselves as 'unsung heroes.' This idea really resonated with us, and we wanted to highlight some of the heroes on our team who are doing incredible work day in and day out and deserve some recognition.

"Like all companies, we have so many amazing people at IBM, and it's great to get to tell some of their personal stories and give them a chance to shine. In the future, we hope to expand the series to include not just IBMers but security superstars from other companies as well. After all, these are the heroes who are keeping us safe every day."

Don't Disguise Emotions

Aerospace manufacturer Airbus brings emotional resonance to its security storytelling strategy. For example, during a recent brand repositioning, Airbus Defense and Space created a video marketing campaign covered in a Hurricane Media case study that used "an emotionally engaging film to cut through in a technology-driven marketplace. Not only did they want to reposition themselves, but they needed to create a conversation around it."

Given the portfolio, there was a lot of very high-resolution satellite imagery available, but in an industry saturated with satellite imagery content, how could Airbus differentiate?

According to Hurricane Media, "Everybody that uses satellite imagery from Airbus Defense and Space needs timely, accurate information in their hands, and they use this information to work towards a better planet for everyone. They use the satellite data to help them develop sustainable reserves of energy, protect the environment, increase security, and develop food supply. We took this idea and represented it graphically with the 'data sphere,' a glowing mass of data. We showed how this data sphere was in the users' hands when they needed it, but also how it worked across key markets."

The resulting video outperformed all previous campaigns, resulting in a 150 percent increase in average views. It highlighted how effective video content can be for these types of firms.

Airbus is also experimenting with new technologies, including bringing VR and AR to airshows to demo new and future aircraft to customers. In one scenario, users can spacewalk around the International Space Station on a mission to install a payload on the Bartolomeo platform.

"We used to have models in our stands, but what's the point in having that model when you have the real thing outside?" asks Jeff Burridge, head of digital communications operations at Airbus. The company has now done a few air shows-including Farnborough, Paris, Singapore, and Dubai-using AR and VR technology to get its target audience to feel what their high-spec military and commercial aircraft is like.

You can walk onto an A400M, put on a headset, and see it filled with helicopters. You can take a military helicopter into a disaster zone, open the doors, and go out to help.

But while Airbus is seen as one of the security sector's greatest storytellers, it's also a big group with lots of silos. Burridge has been put in charge of setting up internal processes for better and more cohesive storytelling, helping the defense and space teams learn from the successes of commercial aircraft or helicopters, and vice versa. The communications functions were recently aligned, allowing a much more integrated approach as well as a move towards more digitally focused, more efficient ways of working.

The team had been holding weekly editorial meetings that were very much focused on the next couple of weeks, but they were missing the long-term planning side where they could speak more in-depth about the stories they wanted to tell across the company. Burridge says the idea is to be more collaborative to build assets, become more structured and less reactionary.

Anticipate the Marketplace

Airbus has now started a content board, lead by the head of communications and with representatives from each department; its remit is to look further ahead at topics, strategies, and priorities and to make connections between the comms strategy and messaging. They've also begun using a DAM to converge their web, social media, and audio/visual needs in order to establish a global content repository.

"What we can do now is to gather topics that have got up to 12 months' lead time and have a 12-month rolling comms plan that allows us to plot the marketing we want to do on certain topics, including defense, and we can build stories around them in a much more structured way," says Burridge, who's part of the cross-comms digital transformation team.

"We can now be much more proactive in how we structure those topics. We can now look across the business to see the implications of a topic for defense, for space, for all colleagues. In that way we can have a more rounded approach and we can build the story the way we want, build the assets to have a strong bank that allows us to revisit messaging when we need to."

Burridge also hopes the content board will help Airbus anticipate and react to the marketplace with appropriate content; previously, if an issue arose, a quick huddle would need to be organized with the sector head.

"The longer the content board becomes established, then the more assets and topics we build up; our bank of topics that cover certain areas will grow. We can say we've had this before; let's dig out those assets, let's see if we need to repackage for this instance, and off we go."

So, the "secret" is out. These industries operate just like any other marketing function, with a security marketing strategy approach that would look familiar whatever the sector. There are layers of approval, yes, but those exist everywhere.

And for those in the sector struggling to figure out a security marketing strategy that hits the mark, take solace in this: There is no magic sauce, no secret super serum, that makes you special. Know your audience, build your personas, and create engaging content that resonates emotionally with them, and you're on your way to content success. Pivot your strategy towards storytelling to showcase the products and services in action-even those men in trench coats and gruff military types want a bit of emotion after all.

For more stories like this, subscribe to the Content Standard newsletter.

Featured image attribution: Brooke Cagle