State of the Media Landscape: Cybersecurity Edition

What Black Hat 2019 means for Cybersecurity in 2020

Cybersecurity has never been more important and it has become clear the security community needs and wants more collaboration and communication. From bug bounties and IoT to election security and diversity & inclusion, the industry is evolving and the role of communications is expanding.

At Highwire, we’ve built a dedicated cybersecurity practice with passionate, curious and accomplished team members driving results for our clients. We work with leading companies to uncover creative cybersecurity and tech storylines, and establish unique narratives and voices within those storylines that we showcase in different ways such as conversations with press to earn strategic media placements, collaborations with industry influencers and creative campaigns on social media.

That’s why we were at Black Hat 2019 — we sent a team to support our 14 cyber clients, interact with industry professionals, be active and passionate members of the information security community, and uncover emerging storylines. 

This report details the top trends that we observed at Black Hat 2019 – from industry influencers and reporters to enterprise decision-makers  – as well as a guide to harnessing these trends to not only have the most successful trade show presence in 2020, but also to leverage for broader influence with marketing and PR campaigns. 

To download the report, please fill out the form below. If you are interested in learning more about how to make your cybersecurity story stand out among the crowd, please don’t hesitate to reach out – megan@highwirepr.com

  • This field is for validation purposes and should be left unchanged.

#HWCyberSquad Takes Black Hat 2019 by Storm

Black Hat 2019

Kicking off the 22nd year of Black Hat were keynote speeches from the conference’s founder, Jeff Moss, followed by Dino Dai Zovi, the mobile security lead at Square. Both talks reinforced one main message that was felt in all sessions, briefs, and side conversations that followed – communication is key. 

The security world finally has its well-deserved spotlight, and cyber teams are now being challenged to seize this opportunity and shift their focus to high engagement with departments across companies through thoughtful and strategic communication. 

In Dai Zovi’s talk, he shared his career path through security, starting with research and hacking contests he did in his free time – since security positions weren’t an option when he joined the workforce – to now, were he holds a lead security position with a seat at the head table. From his personal roadmap, Dai Zovi has been able to pull together four main ways that security teams can shift the way they engage and communicate with across all teams at their organizations, which are: 

  • Start with “yes.” In order to engage the world, you can’t shut them out 
  • Meet with teams dealing directly with customers to get a deeper understanding of who customers are and what they struggle with on a day-to-day
  • Use feedback loops and software automation to meet scalability needs 
  • Create a culture of security across an organization, instead of focusing on strategy and tactics

It became clear that the security community was hungry for more communication like Dia Zovi noted above and ready to shift their focus. While technology demos continued to be a huge part of the conference from a marketing perspective, and technical innovations in automation, machine learning, artificial intelligence, and the new, changing definition of endpoint/perimeter security being the main PR drivers, most technical conversations managed to continually turn toward this more human element of cybersecurity.

As we see security concerns around topics that are increasingly more detrimental to society such as, election security, data abuse, privacy issues, AI being weaponized, and widespread disinformation, Dai Zovi’s message on shifting the focus of cyber teams to communication will become more vital than ever. It will open the opportunity for a culture of security, empowering each individual in every organization to be an extension of their security team and allowing cyber practitioners to think big and work together against future cyber attacks. 

Let us know if you’d like to connect with Highwire PR to talk through how communication will change the game for the security industry! Contact secleads@highwirepr.com for more details.

 

#HWCyberSquad is ready for Black Hat 2019… Are You?

As Black Hat USA 2019 draws ever closer, so does the anticipation and excitement for over 19,000 security professionals who call one of the nation’s largest cybersecurity summits a second home.

Always promising and delivering the latest and greatest on threat research, malware and all things cybersecurity, Black Hat has grown significantly over the years, becoming a venue for some of the greatest minds from the world’s foremost cybersecurity organizations to convene and discuss the state of global security, technology and research. 

What We’re Looking Forward To

Def Con, a hacker conversation, featuring former L0pht members, including Veracode’s CTO Chris Wysopal

This year’s event, focusing on DevSecOps, nation-state attacks, vulnerabilities, open-source and more, promises to be bigger and better than ever. 

“Black Hat received an incredibly large number of submissions for this year’s event,” said Heather Donner, Black Hat PR Manager. “This year we will see themes covering the full security spectrum, spanning voting technology, auto vulnerabilities, research on WhatsApp, and major mobile talks. We’re also expecting to see a focus on privacy and consumer risks emerge as a key trend this year.”

A few of our clients weighed in on what they’re expecting to see more of as well:

“The security industry has seen many significant shifts this year – most notably through accelerating industry consolidation which has come to reshape the SOC as we know it. For us, this started with Splunk’s acquisition of Phantom last year, and has continued with a number of acquisitions affecting the SIEM and SOAR market across the landscape,” said Haiyan Song, SVP and GM of Security Markets at Splunk. “I’m always fascinated to hear more from customers and partners on how recent market acquisitions are affecting the rate of product innovation, how analytics-driven security is enabling a new kind of data management, how automation is making people more effective and productive, and how unknown data – or as we call it at Splunk, ‘dark data’ – is impacting privacy, legislation, and in the end how organizations grapple with security.”

“The professions of software development and information security are overlapping more than they ever have before and the trend is accelerating,” explained Chris Wysopal, Veracode CTO and co-founder. “There have always been software companies that have built security products, but this isn’t about that. This is about software developers performing traditional security practices and security professionals building software to secure their organizations.”

“The way businesses use technology has changed dramatically in the last 15 years,” Wysopal continued. “Enterprises are not simply deploying, configuring, and securing vendor produced software. Enterprises are building their own solutions using software assembled from open source, code from their own massive development teams, and run on the APIs and services of cloud providers. Security has to be integrated into every step of the building process and not just assessed at the end. After all, development is continuous now so there is no end!”

What’s New This Year

Always new and always evolving, we asked our Black Hat expert, Heather Donner, what new offerings and programs this year’s Black Hat has in store.

“We’ve added exciting new features and programs to this year’s event to give attendees the opportunity to gain hands-on experience working with new tools and practicing new techniques,” Donner noted. “Attendees can check out the all-new Arsenal Lab, which provides a unique opportunity to play with hardware, ICS gear, and IoT devices in a controlled environment, as well as the first-ever Micro Summits, which are designed to foster education and collaboration on focused topics in the information security industry.”

With the added emphasis on interaction and education at this year’s event, we’re more excited than ever to see what talks from Akamai (here and here), BitSight, Endgame, Forcepoint, Intel, Qualys, Splunk (here and here), and more will bring, and what thought-provoking insights we take away. 

We’re ready for Black Hat 2019… are you?

Let us know if you’d like to connect with Highwire PR at the show! Contact secleads@highwirepr.com for more details.

Analyst Trade Shows Standout in an Increasingly Digital World

For all the talk about marketing’s digital transformation, a heck of a lot of people are still attending physical trade shows. More than 42K attended the largest B2B security show, RSA Conference, in March 2019. More than 180K were in Las Vegas in January 2018 for CES, the massive consumer electronics show.

Many years ago, I believed that trade show popularity followed an inverted arc curve. At the apex of the curve– when a given show reached the peak of its popularity– is marketing saturation. Attendees would realize that a given show’s vendors all said the same thing, or, even worse, that the only people attending were non-practitioners. The show’s popularity would then see a precipitous decline.

My theory is easily disproved, given the longevity of certain shows I have attended for the majority of my career. But also disproven is a belief conditioned deep in my mind that the importance of physical trade shows will ultimately wane, given 1:1 marketing and the internet.

In truth, the concept of the trade show is amorphous and resilient. Alongside horizontal trade shows, such as CES, are a variety of other types of shows, such as user conferences. They commence as gatherings of peers to learn best practices for a specific solution but morph into living, breathing communities of their own.

A similar morphing might be underway among events run by industry analyst firms, which often prove to be wise investments by my clients. Incorporating industry analyst trade shows into a marketing mix is important for any B2B technology company, as long as those companies ponder a few key questions:

What’s the objective of your attendance? For companies interested in branding, a larger horizontal show avails you to a wide audience. Sponsoring trade show happenings, such as receptions or parties, creates buzz. Vertical and industry-analyst-driven events are more precise in their audience, and they should be considered if the objective is equally more narrow, such as driving customer acquisition.

One reason for attending an industry analyst event is to earn an audience with the analysts themselves. Regular communication with them is key to understanding the conditioning of the market and to teach the analyst as to why a given solution is ideal for where an industry is headed.

What is the target audience for the organization running the event? Certainly it’s important to know who is attending a given show, but a better way to look at this is to evaluate the audience that the show’s organizers care about. The more zeroed-in an organizer is on a target audience, the more zeroed-in that organization’s event is on that audience.

Evaluating the audiences an analyst firm cares about is not hard—simply review published research. However, organizations sometimes are misled by the credibility of a given firm and blindly sign up for that firm’s events, even if the firm doesn’t write for the correct end-user audience and has not defined a research area for those users. Most analyst firms place tech vendors in categories; if a given firm doesn’t have a category for you, it’s probably a wasted investment to attend that firm’s events.

Are there desirable outcomes beyond visibility and high-level lead generation? The right analyst trade shows gather a targeted list of influencers that matter to marketing efforts. Today’s digital world presents wide-ranging opportunities to leverage them.

Influencer dinners during the events are an informal setting to discuss trends. If they are positioned as such they have long-tail benefits. Dinner guests are more likely in the future to engage with the host’s content, act as a reference for marketing campaigns, or, obviously, mention the company in online comments or stories.

On-site social efforts by an exhibitor demonstrate that company’s commitment to the target audience. Visuals and short YouTube-quality videos from the events drive better engagement numbers than general thought leadership content.

Physical trade shows remain an important part of an organization’s marketing mix. And increasing the investment in shows run by analysts can deliver a nice return, as long as the audience and potential impact of such an investment are carefully weighed.

Setting the National Agenda on Privacy & Policy

When we think about cybersecurity today, the first thing that comes to mind for many of us is privacy. So far, setting the national agenda on the topic has been a tumultuous and inconsistent journey but as we’re witnessing more data breaches and more infringements on user privacy than ever before, the concept of trust and the need for data governance is pertinent now more than ever.

We’ve seen the US government make strides toward more regulated and responsible data usage, and we’ve seen other regions globally implement strategies to combat data misuse – for example, the EU’s implementation of GDPR which took place close to a year ago has been met with some praise. However, it seems that as a country – and as an ever-evolving group of consumers and technology advocates – the US has yet to determine who and how we will set the standard for the future of privacy.

What we have seen so far

Most recently, we have been drawn into the back-and-forth between businesses and legislators over what data usage and transparency among consumers will look like in the state of California, via the California Consumer Privacy Act. The Act, which was signed into law in June and will go into effect in 2020, essentially gives residents of California the right to know what data businesses collect about them, why those businesses collect that information, and allows the resident to request businesses delete any information about them. It also gives individuals the right to opt out of having their personal information shared or sold. This obviously poses a massive roadblock for organizations who use user data to determine business decisions, marketing value, and more in the world of data currency.

In fact, approximately 76 percent of IT leaders globally agree that “the organization that has the most data is going to win”, according to a recent report on the state of data from one of our clients, Splunk. Essentially, data is big money these days, which isn’t all too comforting to the consumer.

Role models in the world of policy

As we had mentioned previously, although the US is still experimenting with how we’re going to approach privacy legislation, the EU has been operating with GDPR in place for nearly a year now. Although we’ve already witnessed several tech giants bear the brunt of this new reality (Google was fined a whopping $57 million for its GDPR violations), we’ve also seen immense benefits and substantial praise for this new law.

Should the US consider implementing new legislation like GDPR? Possibly – its particularly worth considering if your organization deals with processing personal data for anyone in the EU, notes our client BitSight. But the US is taking steps to create its own policy roadmap, and we’ve seen states like Massachusetts, New Mexico, New York, Utah and Washington already begin to weigh in on their own versions of data protection legislation similar to the CCPA and GPPR.

What this all means

Essentially what we are getting at, is that the future of privacy and policy is still very much to be determined. Outlined below are a couple of articles we believe are worth reading, to catch you up on the latest regarding data policy – if you haven’t already been following a long. Take a look, let us know what you think, or better yet, weigh in on the conversation with your state representatives.

Here at Highwire, we believe everyone has a voice and everyone has a story. It just so happens that as the story surrounding data legislation in the US and abroad continues to unfold, we have a unique opportunity to get involved in the conversation. Let us know what you think.

RSA Day 3: The security industry’s dark secret takes center stage

Thursday’s opening keynote addressed an issue that has become front and center for the security industry over the last year—mental health.

Last August at Black Hat was the first time a specific conference track had been dedicated to the infosec community to present on stress, burnout and mental health. Fortunately, that has carried over to RSA which featured a stimulating conversation between Josh Corman of I am the Cavalry and Christina Maslach, a Professor of Psychology (Emerita) and a Researcher at the Healthy Workplaces Center at the University of California, Berkeley.

As Maslach stated, Silicon Valley has always encouraged and rewarded burnout. In the ’90s during the dot-com boom, it was seen as a badge of honor to work for days on end and sleeping (when you could) underneath your desk. You would do this for a couple of years with the reward being some sick stock options.

Workforce shortage exacerbates burnout

The skills shortage in the cyber industry has been a common topic for years now and most vendors use it as a talking point by claiming their AI/ML infused products will augment this issue. This skills shortage has another effect though—increasing the chance of burnout.

As Maslach mentioned to Corman on-stage it’s hard not to react to every single little sound or vibration whether it comes from our phone or computer. However, that is just an everyday human problem, now think about this in the context of a security operations engineer.

Organizations typically use dozens of different tools on a daily basis—CSO reported in 2016 that the average company uses 75. I installed a Google Calendar extension into Slack this week and am overwhelmed just from those notifications, it’s hard to picture that x75.

Culture and managerial structure can be a differentiator

I particularly enjoyed Corman’s personal anecdotes from his infosec career and how different managerial structures and company culture can either help combat or unintentionally encourage burnout.

Companies should be mindful that certain managerial decisions or even reward systems can directly contribute to burnout. Organizations that ask all members for feedback on ways to treat each other better can help be proactive given our resources are people and as stated previously those are already in short supply.

Incident responders are the digital equivalent of first responders in the medical field. At times we have to hold secrets about our work which can add additional stress. Unfortunately, there are times when coworkers are showing signs of burnout and instead of empathy and compassion they are called weak and told they aren’t cut out for the industry.

Stay in your lane

It was refreshing to listen to Corman and Maslach given earlier drama this week as SOAR upstart, Swimlane, attempted a tone-deaf stunt that backfired as RSA banned the vendor from the conference at Moscone.

Swimlane staged a fake protest to promote its product which relies heavily on automation and positioned itself as helping combat analyst burnout and stress. (See a picture of the protest from Tom’s Guide security editor, Paul Wagenseil.)

To make matters worse, Swimlane issued a press release claiming it was wronged by RSA. Whatever buzz they hoped to generate at the show ended up rubbing many the wrong way.

I for one enjoyed my time with the adoptable puppies at the ThreatQuotient booth. This was a cuddlier and friendlier way to generate attention at a packed Moscone Center rather than playing the victim after poking light at mental health to promote a product.

Building a safe and inclusive infosec community

At the end of the day we’re going to get the culture we invest in and it’s important to work for an organization that encourages feedback and ideas from every member.

During a conversation with a data scientist colleague this week he remarked, “the greatest minds of our generation are trying to get people to click on ads.” This was top of mind as I took in Thursday’s keynote.

While it won’t happen overnight, hopefully raising the issue of mental health in our industry and fostering an inclusive and safe environment can counteract the very people who are trying to make us more glued to our screens.

RSA Day 2: Getting More Involved in the Cyber Issues that Matter

While yesterday’s RSA keynotes highlighted the need for increased trust and transparency in cybersecurity, today’s discussions were all centered around how to make those changes a reality – starting with getting individuals more involved in the issues that matter.

Calls for Comprehensive Legislation

Harvard Kennedy School’s Bruce Schneier kicked off the conversation by discussing how technologists can get more involved in impacting cybersecurity legislation. While the internet has developed exponentially since its creation, legislation surrounding it has not. Schneier stressed that this needs to be changed and it needs to start with people who understand the technologies dominating the security landscape on both sides of the battlefield.

He touched on current cybersecurity regulations like the EU’s implementation of GDPR, Australia’s implementation of legislation that enables law enforcement to access encrypted data upon request, and how the U.S. can start getting more involved in the conversation. The takeaway? If we want technology to continue to grow and expand in a way that is going to be beneficial, we have to get it under control. And the best way to ensure its longevity is by getting the people who know it best more involved.

Power to the People

Microsoft’s Corporate VP of the Cybersecurity Solutions Group, Ann Johnson, also used her time to discuss the more human aspects of the industry – namely noting how expanding the cyber workforce and increasing its diversity will be the best way to propel the technology behind it. She emphasized that work in cybersecurity can be the most rewarding, yet the most taxing. This could explain both the exceptionally high stress rate among industry professionals and the three million job openings still vacant within cybersecurity organizations.

Johnson encouraged organizations to prioritize a diverse workforce and to foster more positive atmospheres. She discussed how these steps can boost employee retention and provide variety in organizational approaches to issues. She also noted that more diverse teams make better decisions 87% of the time. Johnson highlighted how work in technology and cybersecurity, in particular, is beginning to change. As today’s tools become more capable of alleviating some of the responsibility formerly held by human counterparts, professionals are starting to explore new avenues in the field. “Tech is amplifying our human capacity to separate the humans from the noise,” Johnson said.

Combining Tech and Human Intelligence

Facebook’s Head of Cyber Security, Nathaniel Gleicher, and Twitter’s VP of Trust and Safety, Del Harvey, also discussed the necessary partnership between tech and human responsibility, which together allows platforms to better differentiate between human and non-human interference and determine next steps accordingly. They each discussed some of the sensitivities that both platforms face when regulating user content, most notably how to differentiate technical interference with legitimate content so as not to violate users’ first amendment rights. But both individuals noted that as technology continues to advance, the lines between technology and legislation continue to blur.

Overall, day two of RSA highlighted the incredible contrast between just how far technology and cybersecurity have come, and how much farther the industry and legislation behind it must advance in order to keep it as reliable and benevolent as possible. But if today’s speakers emphasized anything, it was that change is never quite as far away as it seems –  in fact, it is already taking place and it is starting with security technologists like you and me.

RSA Day 1: Takeaways from the #HWCyberSquad

Last year we saw major data breaches monopolize the headlines, while privacy issues became top policy discussion items. 2018 was the year that trust was lost.

The 2019 RSA Conference theme “better” was broken down in this morning’s opening keynotes with the idea of trust in mind as the security community comes together to grapple with these major issues. The keynotes outlined three steps in order to achieve better trust in the future.  

Risk and Trust can Coexist

The first step in building trust within security is recognizing that risk and trust can coexist. Software has increasingly integrated into all aspects of our lives, and with that, data consumption has also increased, creating a high cyber risk environment.

By focusing on risk management and recognizing its prevalence, security teams will begin to gain that trust back. We are seeing this addressed by technologies being created with risk management integrations. New technologies are now ensuring some form of risk management or mitigation options. Along with these integrations, policies are also starting to emerge to support risk management and ultimately ensure trust in a high-risk landscape.

Man and Machine Need to Work Together

The second step is recognizing that if people work closely with machines we will produce the most trusted security. When AI was first introduced to the security world, many people worried that machines would take over jobs, because they could quickly and efficiently resolve issues or questions. However, we found that although machines could get to an answer quicker than any human, they could not explain how they got there. This broke down the trust in the machine’s ability to verify the security it was providing.

We now know that the best way to build trust in security is for human and machine to work closely together. The technology can then accurately and quickly resolve the issues that the security teams identify and ask it to address.

Creating a Chain of Trust

The final step is to build a chain of trust. Having security teams work and communicate together will be the best way to achieve the most trusted results. In the past, security teams worked in the background and only shared insight and data with a closed group of peers. However, this culture has already seen a major shift. There have even been infosec sharing companies created with the sole purpose of sharing insight and data to help others better protect and secure data.

Businesses are learning from this and evolving the chain of trust to also reach consumers by keeping them informed of what data they have collected on each person and what it is being used for.

Moving into 2019, the security industry is already taking major steps forward in regaining trust in what they’re capable of to achieve a better future.

Check back tomorrow for the next blog in this series live from RSA.

The #HWCyberSquad Recommends These Five Security Events in 2019

As one of the biggest security conferences of the year draws closer, the #HWCyberSquad decided to examine other key cybersecurity events that are of value from both a networking and PR perspective. With so much noise around RSA and Black Hat, smaller events are becoming increasingly valuable in publicizing research and for networking with influential contacts in both media and security.

Highwire’s own Ben Wolfson chatted with several notable security influencers from Ars Technica, VICE, Motherboard, WIRED and VirusBulletin on their experiences at some of the lesser-known, but rising-in-influence conferences.

CyberWarCon [inaugural conference was held on Nov. 28, 2018, TBD on 2019 edition]

CyberWarCon kicked off it’s inaugural conference as a one-day, single track event in DC in November of last year. Organized by FireEye’s John Hultquist the content was geared around nation-state topics, ICS cybersecurity and cyber policy debates.

It featured a keynote from Thomas Rid and a compelling debate on U.S. cyber deterrence operations featuring Jason Healey and Neil Jenkins. Both Wired’s Lily Newman and Wall Street Journal’s Dustin Volz voiced their enjoyment of the event. The show generated a lot of engagement on infosec Twitter accounts with other DC-area security reporters in attendance along with many practitioners and incident responders.

Derbycon [Sept. 20 – 22, 2019]

DerbyCon celebrated its eighth iteration this October. The Louisville-based conference has an elite attendee profile comprised of recognized practitioners and more technical security media. According to national security editor at Ars Technica, Sean Gallagher, “media that attend DerbyCon are hardcore security people – [there are a] small number of reporters there [that are] deep in the industry. Outside of DEFCON, [it’s] probably one of the more well-known hacker conferences with high-quality content.”

The content is extremely technical and now gets over 1,000 attendees. From a PR standpoint, many speakers attend to workshop and present material they hope to submit to DEF CON later in the year. Key takeaway: This conference is of high value to network and learn. Note:  Founder Dave Kennedy recently announced the September 2019 show will mark the last edition of DerbyCon.

HOPE — Hackers on Planet Earth [July 20-23, 2018; TBD for next edition]

Typically a bi-annual event held in Manhattan, the content and attendees are very much in-line with the cyberpunk movement. Topics that are popular include internet free speech/regulation, encryption, privacy and more. While this might not be an event to recommend your client participate in, it is a great one to meet reporters on-site and attend as a PR practitioner.

According to VICE Motherboard’s cybersecurity reporter, Lorenzo Francheschi-Biccherai,the audience is more activists and political than other conferences. Talks are less research driven and are more political. There are some interesting talks but totally different style than Black Hat and DEFCON.”  

VirusBulletin [Oct. 2-4, 2019]

VirusBulletin is a magazine solely dedicated to the prevention, detection and removal of malware which has an annual conference in late-September or early-October for cybersecurity pros. The location changes each year (2018 edition was in Montreal) making it a global conference, albeit more expensive to travel to. The speakers and attendees are often the who’s who of security researchers with the majority of influential security companies represented.

Lily Newman, cybersecurity reporter at WIRED, attended this year’s event and confirmed the crowd is largely researcher focused, but not academic like USENIX. It’s one she felt was very valuable and hopes to attend again. According to VirusBulletin editor, Martijn Grooten, “Virus Bulletin is the main event where researchers and others working in threat intelligence get together to discuss the latest threats and the tools to detect and analyze them.”

ShmooCon [Jan. 18-20, 2019]

ShmooCon has rocketed in popularity over the last few years and with 2,200 attendees at January’s event, it’s difficult to get in. From a PR standpoint, you’re unlikely to get a ticket unless you work with a sponsor company. Shmoo, along with DerbyCon, functions as a workshop for practitioners to present material they hope will be accepted at DEFCON. This is an intimate venue and conference and that works to your advantage by providing direct access to practitioners and media. Given its location in DC there is usually a strong mix of media that attend — if your client is presenting it’s an opportunity to set up 1:1 reporter meetings.

Sean Gallagher is a huge fan and frequent attendee of Shmoo. He enjoys it as its a lower paying threshold for people to attend and the audience is all security practitioners meaning a lot of sources to network with. Given the location in DC, ShmooCon still has a good audience mix of students, government agency and vendor practitioners.

For 2019, look at these shows if you want to learn something new or take advantage of the locale to set up media briefings. And if you’re headed to RSA 2019, Highwire’s security practice will be there so reach us at secleads@highwirepr.com if you want to catch up!

#HWCyberSquad Named “PR Team of the Year” by Info Security Product Guide

Highwire’s security practice (#HWCyberSquad) was recognized as the Public Relations Team of the Year by the 15th Annual 2019 Info Security PG’s Global Excellence Awards, and as the leader of this tenacious group, I could not be more honored and proud of our team!

Over the years, our cybersecurity practice has expanded and evolved, becoming a core component of Highwire’s diverse client base. We work with innovative global brands who are tackling the cybersecurity problem from different angles — from applying AI to emerging threats, to creating new categories around human centric security and bridging relationships between security and DevOps, we have deep experience that runs the security gamut.

Our team has been responsible for driving multi-faceted integrated PR campaign, leveraging social media to amplify earned and owned content with paid promotion, and developing meaningful relationships with top tier media in the security space for the better part of its past 10 years as an agency. To be recognized and rewarded for our hard work means so much to our team, and further exemplifies our belief in the work and effort that we are putting in every day to elevate our clients’ stories.

The Global Excellence Awards, compiled by the industry leader in information security research – Info Security Program Guide, recognize cybersecurity programs and information technology solutions with innovative products, solutions, and services that are setting the bar higher for others in all areas of security and tech.

In addition to recognizing Highwire for its work in the industry, we are proud to share that this year’s Global Excellence Awards also recognized five of our outstanding clients for their ground-breaking work in security, including:

  • Akamai was recognized as a Grand Trophy Winner, a gold winner for both Enterprise Secure Access and Security Products and Solutions for Retail of the year; a silver winner for Innovation in Enterprise Security, DDoS Mitigation, Security Products and Solutions for Media and Entertainment, and best overall Security Company of the Year; and a bronze winner for White Paper or Research Report of the year.
  • Code42 was recognized as the Security Products and Solutions for Enterprise winner of the year.
  • Darktrace was recognized as a gold winner in cloud security, and Industrial Control Systems (ICS) and SCADA; a silver winner for Cyber Security Vendor Achievement of the Year, for its launch of the first ever autonomous response technology to neutralize cyber-attacks; and was recognized as the Best Overall Security Company of the Year.
  • InfoBlox was recognized as the New Products and Services winner of the year, for the Infoblox ActiveTrust Suite; and a bronze winner for Best Deployments in U.S.A..
  • Ixia was recognized as a silver winner for Best Security Hardware Product (New or Updated version), for Vision ONE with Active SSL; and a gold winner for Cyber Security Vendor Achievement of the Year, for serving as an integral addition to Keysight’s continued industry leadership.

As a security practice, we could not be more proud to work with the people that we do, day in and day out. Our teams and our clients are an exceptional group, and as demonstrated above, are certainly doing more than their fare share to pave the way for the future of an industry that evolves and advances quicker than most. For this award, and for our team, our clients and to work in the industry that we do everyday, we are incredibly grateful. Here’s to seeing what the next year has in store.