Highwire Boston Takes Home Two Gold Honors at the Bell Ringer Awards

Last week the Highwire Boston team attended the 51st Annual PR Club of New England Bell Ringer Awards, a program that recognizes outstanding achievement in New England public relations and marketing. The awards are broken into single item (i.e., single placement) and campaign categories with more than 30 awards granted in total. Heading into the event, the Highwire team were named finalists for two awards for its work with Akamai, a Boston-based company that secures and delivers digital experiences for some of the world’s largest companies.

 

The first nomination was for “Best High Tech Campaign,” which highlighted how the Highwire team worked closely alongside Akamai to develop recommendations and strategies around critical news, events and thought leadership over the last year to position the company as a cybersecurity innovator and leader.  The collective program over the last 12 months has enabled Akamai to increase the overall share of voice among key competitors by 36 percent and total press coverage by 67 percent, among other notable results.

 

The second nomination was for “Best Regional Print/Commentary” category. The Highwire team secured a Boston Globe feature spotlighting Akamai’s innovation on the front page of the business section on June 29, 2018. The feature explores how Akamai was crucial to streaming 2018 World Cup matches online.

The nominations resulted in not one, but two gold honors in both categories. We’re proud of not only the accomplishments of our team but also those of our peers. It was an incredible night, and we’re thrilled to extend our congratulations to both the Akamai team and all Bell Ringer award recipients. See you next year!

Analyst Trade Shows Standout in an Increasingly Digital World

For all the talk about marketing’s digital transformation, a heck of a lot of people are still attending physical trade shows. More than 42K attended the largest B2B security show, RSA Conference, in March 2019. More than 180K were in Las Vegas in January 2018 for CES, the massive consumer electronics show.

Many years ago, I believed that trade show popularity followed an inverted arc curve. At the apex of the curve– when a given show reached the peak of its popularity– is marketing saturation. Attendees would realize that a given show’s vendors all said the same thing, or, even worse, that the only people attending were non-practitioners. The show’s popularity would then see a precipitous decline.

My theory is easily disproved, given the longevity of certain shows I have attended for the majority of my career. But also disproven is a belief conditioned deep in my mind that the importance of physical trade shows will ultimately wane, given 1:1 marketing and the internet.

In truth, the concept of the trade show is amorphous and resilient. Alongside horizontal trade shows, such as CES, are a variety of other types of shows, such as user conferences. They commence as gatherings of peers to learn best practices for a specific solution but morph into living, breathing communities of their own.

A similar morphing might be underway among events run by industry analyst firms, which often prove to be wise investments by my clients. Incorporating industry analyst trade shows into a marketing mix is important for any B2B technology company, as long as those companies ponder a few key questions:

What’s the objective of your attendance? For companies interested in branding, a larger horizontal show avails you to a wide audience. Sponsoring trade show happenings, such as receptions or parties, creates buzz. Vertical and industry-analyst-driven events are more precise in their audience, and they should be considered if the objective is equally more narrow, such as driving customer acquisition.

One reason for attending an industry analyst event is to earn an audience with the analysts themselves. Regular communication with them is key to understanding the conditioning of the market and to teach the analyst as to why a given solution is ideal for where an industry is headed.

What is the target audience for the organization running the event? Certainly it’s important to know who is attending a given show, but a better way to look at this is to evaluate the audience that the show’s organizers care about. The more zeroed-in an organizer is on a target audience, the more zeroed-in that organization’s event is on that audience.

Evaluating the audiences an analyst firm cares about is not hard—simply review published research. However, organizations sometimes are misled by the credibility of a given firm and blindly sign up for that firm’s events, even if the firm doesn’t write for the correct end-user audience and has not defined a research area for those users. Most analyst firms place tech vendors in categories; if a given firm doesn’t have a category for you, it’s probably a wasted investment to attend that firm’s events.

Are there desirable outcomes beyond visibility and high-level lead generation? The right analyst trade shows gather a targeted list of influencers that matter to marketing efforts. Today’s digital world presents wide-ranging opportunities to leverage them.

Influencer dinners during the events are an informal setting to discuss trends. If they are positioned as such they have long-tail benefits. Dinner guests are more likely in the future to engage with the host’s content, act as a reference for marketing campaigns, or, obviously, mention the company in online comments or stories.

On-site social efforts by an exhibitor demonstrate that company’s commitment to the target audience. Visuals and short YouTube-quality videos from the events drive better engagement numbers than general thought leadership content.

Physical trade shows remain an important part of an organization’s marketing mix. And increasing the investment in shows run by analysts can deliver a nice return, as long as the audience and potential impact of such an investment are carefully weighed.

RSA Day 3: The security industry’s dark secret takes center stage

Thursday’s opening keynote addressed an issue that has become front and center for the security industry over the last year—mental health.

Last August at Black Hat was the first time a specific conference track had been dedicated to the infosec community to present on stress, burnout and mental health. Fortunately, that has carried over to RSA which featured a stimulating conversation between Josh Corman of I am the Cavalry and Christina Maslach, a Professor of Psychology (Emerita) and a Researcher at the Healthy Workplaces Center at the University of California, Berkeley.

As Maslach stated, Silicon Valley has always encouraged and rewarded burnout. In the ’90s during the dot-com boom, it was seen as a badge of honor to work for days on end and sleeping (when you could) underneath your desk. You would do this for a couple of years with the reward being some sick stock options.

Workforce shortage exacerbates burnout

The skills shortage in the cyber industry has been a common topic for years now and most vendors use it as a talking point by claiming their AI/ML infused products will augment this issue. This skills shortage has another effect though—increasing the chance of burnout.

As Maslach mentioned to Corman on-stage it’s hard not to react to every single little sound or vibration whether it comes from our phone or computer. However, that is just an everyday human problem, now think about this in the context of a security operations engineer.

Organizations typically use dozens of different tools on a daily basis—CSO reported in 2016 that the average company uses 75. I installed a Google Calendar extension into Slack this week and am overwhelmed just from those notifications, it’s hard to picture that x75.

Culture and managerial structure can be a differentiator

I particularly enjoyed Corman’s personal anecdotes from his infosec career and how different managerial structures and company culture can either help combat or unintentionally encourage burnout.

Companies should be mindful that certain managerial decisions or even reward systems can directly contribute to burnout. Organizations that ask all members for feedback on ways to treat each other better can help be proactive given our resources are people and as stated previously those are already in short supply.

Incident responders are the digital equivalent of first responders in the medical field. At times we have to hold secrets about our work which can add additional stress. Unfortunately, there are times when coworkers are showing signs of burnout and instead of empathy and compassion they are called weak and told they aren’t cut out for the industry.

Stay in your lane

It was refreshing to listen to Corman and Maslach given earlier drama this week as SOAR upstart, Swimlane, attempted a tone-deaf stunt that backfired as RSA banned the vendor from the conference at Moscone.

Swimlane staged a fake protest to promote its product which relies heavily on automation and positioned itself as helping combat analyst burnout and stress. (See a picture of the protest from Tom’s Guide security editor, Paul Wagenseil.)

To make matters worse, Swimlane issued a press release claiming it was wronged by RSA. Whatever buzz they hoped to generate at the show ended up rubbing many the wrong way.

I for one enjoyed my time with the adoptable puppies at the ThreatQuotient booth. This was a cuddlier and friendlier way to generate attention at a packed Moscone Center rather than playing the victim after poking light at mental health to promote a product.

Building a safe and inclusive infosec community

At the end of the day we’re going to get the culture we invest in and it’s important to work for an organization that encourages feedback and ideas from every member.

During a conversation with a data scientist colleague this week he remarked, “the greatest minds of our generation are trying to get people to click on ads.” This was top of mind as I took in Thursday’s keynote.

While it won’t happen overnight, hopefully raising the issue of mental health in our industry and fostering an inclusive and safe environment can counteract the very people who are trying to make us more glued to our screens.

RSA Day 2: Getting More Involved in the Cyber Issues that Matter

While yesterday’s RSA keynotes highlighted the need for increased trust and transparency in cybersecurity, today’s discussions were all centered around how to make those changes a reality – starting with getting individuals more involved in the issues that matter.

Calls for Comprehensive Legislation

Harvard Kennedy School’s Bruce Schneier kicked off the conversation by discussing how technologists can get more involved in impacting cybersecurity legislation. While the internet has developed exponentially since its creation, legislation surrounding it has not. Schneier stressed that this needs to be changed and it needs to start with people who understand the technologies dominating the security landscape on both sides of the battlefield.

He touched on current cybersecurity regulations like the EU’s implementation of GDPR, Australia’s implementation of legislation that enables law enforcement to access encrypted data upon request, and how the U.S. can start getting more involved in the conversation. The takeaway? If we want technology to continue to grow and expand in a way that is going to be beneficial, we have to get it under control. And the best way to ensure its longevity is by getting the people who know it best more involved.

Power to the People

Microsoft’s Corporate VP of the Cybersecurity Solutions Group, Ann Johnson, also used her time to discuss the more human aspects of the industry – namely noting how expanding the cyber workforce and increasing its diversity will be the best way to propel the technology behind it. She emphasized that work in cybersecurity can be the most rewarding, yet the most taxing. This could explain both the exceptionally high stress rate among industry professionals and the three million job openings still vacant within cybersecurity organizations.

Johnson encouraged organizations to prioritize a diverse workforce and to foster more positive atmospheres. She discussed how these steps can boost employee retention and provide variety in organizational approaches to issues. She also noted that more diverse teams make better decisions 87% of the time. Johnson highlighted how work in technology and cybersecurity, in particular, is beginning to change. As today’s tools become more capable of alleviating some of the responsibility formerly held by human counterparts, professionals are starting to explore new avenues in the field. “Tech is amplifying our human capacity to separate the humans from the noise,” Johnson said.

Combining Tech and Human Intelligence

Facebook’s Head of Cyber Security, Nathaniel Gleicher, and Twitter’s VP of Trust and Safety, Del Harvey, also discussed the necessary partnership between tech and human responsibility, which together allows platforms to better differentiate between human and non-human interference and determine next steps accordingly. They each discussed some of the sensitivities that both platforms face when regulating user content, most notably how to differentiate technical interference with legitimate content so as not to violate users’ first amendment rights. But both individuals noted that as technology continues to advance, the lines between technology and legislation continue to blur.

Overall, day two of RSA highlighted the incredible contrast between just how far technology and cybersecurity have come, and how much farther the industry and legislation behind it must advance in order to keep it as reliable and benevolent as possible. But if today’s speakers emphasized anything, it was that change is never quite as far away as it seems –  in fact, it is already taking place and it is starting with security technologists like you and me.

RSA Day 1: Takeaways from the #HWCyberSquad

Last year we saw major data breaches monopolize the headlines, while privacy issues became top policy discussion items. 2018 was the year that trust was lost.

The 2019 RSA Conference theme “better” was broken down in this morning’s opening keynotes with the idea of trust in mind as the security community comes together to grapple with these major issues. The keynotes outlined three steps in order to achieve better trust in the future.  

Risk and Trust can Coexist

The first step in building trust within security is recognizing that risk and trust can coexist. Software has increasingly integrated into all aspects of our lives, and with that, data consumption has also increased, creating a high cyber risk environment.

By focusing on risk management and recognizing its prevalence, security teams will begin to gain that trust back. We are seeing this addressed by technologies being created with risk management integrations. New technologies are now ensuring some form of risk management or mitigation options. Along with these integrations, policies are also starting to emerge to support risk management and ultimately ensure trust in a high-risk landscape.

Man and Machine Need to Work Together

The second step is recognizing that if people work closely with machines we will produce the most trusted security. When AI was first introduced to the security world, many people worried that machines would take over jobs, because they could quickly and efficiently resolve issues or questions. However, we found that although machines could get to an answer quicker than any human, they could not explain how they got there. This broke down the trust in the machine’s ability to verify the security it was providing.

We now know that the best way to build trust in security is for human and machine to work closely together. The technology can then accurately and quickly resolve the issues that the security teams identify and ask it to address.

Creating a Chain of Trust

The final step is to build a chain of trust. Having security teams work and communicate together will be the best way to achieve the most trusted results. In the past, security teams worked in the background and only shared insight and data with a closed group of peers. However, this culture has already seen a major shift. There have even been infosec sharing companies created with the sole purpose of sharing insight and data to help others better protect and secure data.

Businesses are learning from this and evolving the chain of trust to also reach consumers by keeping them informed of what data they have collected on each person and what it is being used for.

Moving into 2019, the security industry is already taking major steps forward in regaining trust in what they’re capable of to achieve a better future.

Check back tomorrow for the next blog in this series live from RSA.

The #HWCyberSquad Recommends These Five Security Events in 2019

As one of the biggest security conferences of the year draws closer, the #HWCyberSquad decided to examine other key cybersecurity events that are of value from both a networking and PR perspective. With so much noise around RSA and Black Hat, smaller events are becoming increasingly valuable in publicizing research and for networking with influential contacts in both media and security.

Highwire’s own Ben Wolfson chatted with several notable security influencers from Ars Technica, VICE, Motherboard, WIRED and VirusBulletin on their experiences at some of the lesser-known, but rising-in-influence conferences.

CyberWarCon [inaugural conference was held on Nov. 28, 2018, TBD on 2019 edition]

CyberWarCon kicked off it’s inaugural conference as a one-day, single track event in DC in November of last year. Organized by FireEye’s John Hultquist the content was geared around nation-state topics, ICS cybersecurity and cyber policy debates.

It featured a keynote from Thomas Rid and a compelling debate on U.S. cyber deterrence operations featuring Jason Healey and Neil Jenkins. Both Wired’s Lily Newman and Wall Street Journal’s Dustin Volz voiced their enjoyment of the event. The show generated a lot of engagement on infosec Twitter accounts with other DC-area security reporters in attendance along with many practitioners and incident responders.

Derbycon [Sept. 20 – 22, 2019]

DerbyCon celebrated its eighth iteration this October. The Louisville-based conference has an elite attendee profile comprised of recognized practitioners and more technical security media. According to national security editor at Ars Technica, Sean Gallagher, “media that attend DerbyCon are hardcore security people – [there are a] small number of reporters there [that are] deep in the industry. Outside of DEFCON, [it’s] probably one of the more well-known hacker conferences with high-quality content.”

The content is extremely technical and now gets over 1,000 attendees. From a PR standpoint, many speakers attend to workshop and present material they hope to submit to DEF CON later in the year. Key takeaway: This conference is of high value to network and learn. Note:  Founder Dave Kennedy recently announced the September 2019 show will mark the last edition of DerbyCon.

HOPE — Hackers on Planet Earth [July 20-23, 2018; TBD for next edition]

Typically a bi-annual event held in Manhattan, the content and attendees are very much in-line with the cyberpunk movement. Topics that are popular include internet free speech/regulation, encryption, privacy and more. While this might not be an event to recommend your client participate in, it is a great one to meet reporters on-site and attend as a PR practitioner.

According to VICE Motherboard’s cybersecurity reporter, Lorenzo Francheschi-Biccherai,the audience is more activists and political than other conferences. Talks are less research driven and are more political. There are some interesting talks but totally different style than Black Hat and DEFCON.”  

VirusBulletin [Oct. 2-4, 2019]

VirusBulletin is a magazine solely dedicated to the prevention, detection and removal of malware which has an annual conference in late-September or early-October for cybersecurity pros. The location changes each year (2018 edition was in Montreal) making it a global conference, albeit more expensive to travel to. The speakers and attendees are often the who’s who of security researchers with the majority of influential security companies represented.

Lily Newman, cybersecurity reporter at WIRED, attended this year’s event and confirmed the crowd is largely researcher focused, but not academic like USENIX. It’s one she felt was very valuable and hopes to attend again. According to VirusBulletin editor, Martijn Grooten, “Virus Bulletin is the main event where researchers and others working in threat intelligence get together to discuss the latest threats and the tools to detect and analyze them.”

ShmooCon [Jan. 18-20, 2019]

ShmooCon has rocketed in popularity over the last few years and with 2,200 attendees at January’s event, it’s difficult to get in. From a PR standpoint, you’re unlikely to get a ticket unless you work with a sponsor company. Shmoo, along with DerbyCon, functions as a workshop for practitioners to present material they hope will be accepted at DEFCON. This is an intimate venue and conference and that works to your advantage by providing direct access to practitioners and media. Given its location in DC there is usually a strong mix of media that attend — if your client is presenting it’s an opportunity to set up 1:1 reporter meetings.

Sean Gallagher is a huge fan and frequent attendee of Shmoo. He enjoys it as its a lower paying threshold for people to attend and the audience is all security practitioners meaning a lot of sources to network with. Given the location in DC, ShmooCon still has a good audience mix of students, government agency and vendor practitioners.

For 2019, look at these shows if you want to learn something new or take advantage of the locale to set up media briefings. And if you’re headed to RSA 2019, Highwire’s security practice will be there so reach us at secleads@highwirepr.com if you want to catch up!

What the RSA 2019 Speaker Submissions Tell us About Security Trendlines

The RSA Conference in the U.S. has maintained its stance as one of the most popular events in security since its founding in 1991. In 2018, RSA welcomed approximately 50,000 attendees.

While many attendees have griped about how corporate the show floor has become, the keynotes and speaker presentations continue to draw some of the industry’s most forward-thinking leaders on a broad range of topics.

This year, representatives from the committee that selects RSA sessions hosted a podcast where they identified the most popular topics submitted for each track and what they predict to be the 2019 industry trends as a result. Highwire’s #CyberSquad listened in and summed up the key points, which we expect to closely mirror 2019 media trends. Read on for the skinny:

Hackers and Threats Track: DevSecOps to Become Mainstream

This year RSA added a new speaking track called Hackers and Threats to meet a more technical audience that’s focused on live demos and/or code dissection. There are two popular session topics for this track, the Internet of Things (IoT), as well as AI and ML. For IoT the focus is on how security teams can maintain security with the increasing amount of data coming in from multiple devices. For AI and ML, these sessions tie to tactical ways that businesses can leverage these capabilities while also breaking down how adversaries are working just as quickly to create techniques to subvert them. The main message throughout all the speaking sessions in this track is DevSecOps. This is a term the industry will see taking over headlines in the years to come as security teams prove how successful this approach is in ensuring agility, automation, and scalability.  

Emerging Threats Track: Ransomware Maintains Popularity Over Cryptojacking

Cryptojacking took over headlines throughout 2018 as a newly publicized form of attack whereby a bad actor gains unauthorized access to someone’s computer to mine for cryptocurrency like bitcoin. However, recent research revealed that despite the attention, cryptojacking does not have a very high return on investment, with popular websites only making $119-340 per day. So, while cryptojacking will continue to be a focus in the media, due mainly to its newness and ties to organized crime, ransomware will maintain its popularity with cybercriminals and media focus on successful attacks because of its increasingly high earnings – a $2B industry in 2018.

Blockchain and Applied Crypto Track: Blockchain for Good

Blockchain has continuously been a buzzword in the security industry, although the conversations around it have started to shift from a magical unicorn to a tool that organizations are working to understand so they can leverage it for their own security practices. In the Blockchain and Applied Crypto track, leveraging blockchain for good prevailed as the most popular track topic. Moving into 2019, as more companies across industries learn how to create a blockchain system applicable to their security ecosystem, we’ll begin to see a rebranding of this technology toward protection for all.

Security Strategy and Architecture Track: Zero Trust in Third Parties

Organizations face one of their biggest challenges when securing their trust with third-party partners – the grey area between a trusted company employee and an obvious outsider threat. In this year’s Security Strategy and Architecture track, the majority of speaking sessions focus on dealing with this challenge and defining Zero Trust. In order to have a functioning and successful partnership, trust in the access granted to third parties needs to be authorized and access needs to be monitored. This will continue to be a topic of discussion throughout 2019 as companies look inward at their own third-party trust processes and ensure the proper access for all sensitive data they are storing.

Highwire’s cybersecurity practice will be at the RSA 2019 conference to catch up with our clients, speak with industry influencers on the showroom floor, and learn as much as possible about the latest trends to inform new ideas and storylines in 2019 and beyond.

Want to catch up at the show? Email secleads@highwirepr.com.

Boston’s Tech Scene is Thriving: Here’s a Firsthand Look

Despite its long history in technology and innovation, Boston often gets overlooked by those in the startup scene. But a recent event proved that entrepreneurs don’t need to be based in Silicon Valley to be successful. In fact — the local Boston tech scene is thriving.

Boston Tech Jam brought together more than 7,500 techies from different organizations to celebrate the local companies disrupting the technology industry. From niche startups like HarmonicDrive and Lime Bike, to major brands such as Osram, DraftKings, and Liberty Mutual, Boston Tech Jam proved that Boston continues to be a hub for innovation.

Here are a few of Highwire’s top takeaways from the event:

  • Boston continues to lead the way for advancements in robotics, IoT, and artificial intelligence. We saw expertise while the BTJ team rolled out a new area dedicated to robots.
  • Local universities continue to fuel young talent for local companies. This year, Kronos hosted a Battle of the Interns who set out through the city of Boston on a scavenger hunt emphasizing team-building and collaboration.
  • As a whole, we’re still a highly competitive group of people! Just ask the cornhole games, mechanical bull or ski-ball games that had a line all night!

We hope to see you at the next Boston Tech Jam!

Behind the Scenes with Black Hat Comms Lead

Logo of the Black Hat conference

It’s nearly time for Black Hat USA and given RSA was so late in the year, it seems to have snuck up on everyone quicker than ever.

But no fear, Highwire’s Cyber Squad is on top of it—this year, we interviewed Kimberly Samra, PR Manager for Black Hat and lead for UBM’s technology portfolio, to get a pulse on what the hottest trends at the show will be and how attendees and PR practitioners alike can make the most of their time at the conference this year.

See below for information ranging from themes that will attract a lot of attention at the show—including election security, critical infrastructure and privacy—and tips for how to break through to reporters and tell your story. We hope this information helps you make the most of your time at Black Hat. If you’re heading down and want to meet up with the Highwire Cyber Squad, please email us at secleads@highwirepr.com.

Now, back to our scheduled programming to get the inside scoop from Kimberly Samra, PR manager for Black Hat:

Q) How has PR at Black Hat changed?

The PR landscape has certainly expanded with the growth of the security industry. While we still see the usual big-time security reporters covering the event, coverage is shifting across multiple verticals as the industry transitions and becomes such an essential part of our everyday lives. As discussed in Black Hat’s new research report, “Where Cybersecurity Stands” security has quickly become mainstream, touching everything from politics to international relations, commerce, money and human relations—it really has a hand in everything these days.

So as PR folks ramp up for the event, they should tailor their outreach strategies thinking beyond items specific to security and ensure their pitches demonstrate how people and consumers are affected on a grander scale.

Q) Have you seen a shift in Black Hat audience? More CIOs and technology buyers?

As the event grows we definitely see a wider range of professionals attending. While the Briefings program is at the core of what we offer to our audience, we’ve seen our Business Hall expand to welcome top vendors in the industry interested in sharing their latest and greatest tools and how they’re pushing security innovation forward through advanced research. Our Black Hat CISO Summit has also grown as more executives are making security a top priority.

Black Hat as a whole really brings together every aspect of the industry and is a hub for all things security. It’s the must-attend security event of the year and we’re happy to continue adding to our offerings and the content media is exposed to so they can report critical insights to the public.

Q) What are the top trends you expect to see at the show this year?

Of course we always see a lot of attention around big-name vendors, mobile, IoT, payment systems, critical infrastructure, etc. However, not surprisingly, we’ve seen a lot of buzz around voting technology and privacy. As folks look toward the upcoming elections and draw from all the controversy around the 2016 U.S. presidential race, they’re looking to security experts to answer questions about how vulnerabilities found in voting technology could affect outcomes and any other potential issues that could unknowingly change the course of political history.  

Privacy on the other hand is a vast issue that remains top of mind for people on many levels—from those working in government, the enterprise level and everyday citizens. We’ve all seen headlines pertaining to the Facebook investigation, the global effects of GDPR, and continued reports of security breaches. It’s no secret that people are questioning their privacy and how their data is being used. It’s a widespread topic and the research being done within the security industry is pertinent to learning more and making moves toward protection.

Q) Is there anything new happening at the show?

Yes! We’re really excited about a number of new offerings this year, specifically the expansion of our community programs. Black Hat has taken strategic steps over the years to ensure our program expands and continues to welcome and serve a wider audience. A few years back we began work around inclusivity through dedicated diversity programs. We’re proud that these programs have continued to grow and that we’re now able tap into programming specific to the needs of the community on a much larger scale.

On the Briefings side, we’ll see content coming from the new Community Track, which was developed to provide a forum for discussion on relevant issues currently impacting the InfoSec community. These talks will dive into important topics including careers, legal issues, inclusion, diversity, attribution, substance abuse, mental health, burnout, security awareness, work-life balance and more. We’ll also be holding Community Workshops which have been made to encourage collaboration among the Black Hat community; attendees will be exposed to everything from personal digital resilience to mentorship and career-building strategies.

And of course, we’ll see the return of our scholarship program and our work with non-profit partners, two items we’re really passionate about as we engage with and encourage the next generation of security professionals and give back to the community we service.

Q) What advice can you offer for companies looking to prepare to pitch reporters at Black Hat?

Companies should keep in mind the scale of Black Hat as well as the happenings throughout the week—remember, it’s called “Hacker Summer Camp” for a reason. Do your homework and tailor what you’re trying to pitch specifically to the reporter you’re reaching out to—a pitch that’s only specific to a security product announcement won’t always do the trick.

Questions you should ask yourself: Are you familiar with the headlines out there right now? Does your content pertain to big topics like privacy, critical infrastructure or maybe companies a certain journalist regularly writes about? Think of yourself as a valuable source rather than someone trying to simply sell a reporter on a story.

Also, make it easy on them! There is so much going on leading up to the event and especially onsite, you don’t want your news to get swept up in the hustle bustle especially if press have to decipher your message and how it applies to a potential big story. Take a step back, focus on what the big takeaway is, and figure out the headline—if you were a reporter, how would you envision the story? It’s like delivering a ready-made gift.

And start now! Don’t wait to get your news out to registered media. Remember, their schedules are packed onsite so you need to get on their radars now so they can make time for you.

See here for an interview with Black Hat communications director from 2016 for a look back at trends over the years.

Learn more about Highwire’s security practice here or reach out to us at secleads@highwirepr.com to continue the conversation. We’ll be at the conference, so we’re looking forward to meeting you on the show floor to hear your story!

What We Learned At Money20/20 2017

Courtesy Jefferson Graham

Setting up biometrics for payment verification at Money20/20. Photo courtesy of Jefferson Graham.

Biometrics, facial recognition and implanted chips were just some of the advancements in payments at this year’s Money20/20 conference. Trending topics included digital currencies and blockchain with supporters such as Steve Wozniak and skeptics like the Bill and Melinda Gates Foundation. Uber, with partners Barclays and Visa, released a credit card. Shopping experiences are changing with augmented reality glasses, iris authentication and advanced mobile payments. Check out some of our key takeaways from this event.

New Payments/Higher Adoption With Alternative Methods

  • Only 25% of US retailers offer contactless terminals accepting mobile payments and only 10% of consumers pay with mobile. Despite these low stats, tech companies are trying new methods.
  • Biometrics – Facial recognition can be safer and more reliable than a thumbprint. Users can sign in with their eyes, facial expressions and voice. Even traditional credit card companies are adopting this. Visa is offering biometrics for its mobile wallet, Visa Checkout and Mastercard are forgoing signatures post-purchases.
  • Finger – FingoPay, a finger scanner connected to your credit card can be used without a cell phone. “You become the wallet,” said Nick Dryden of FingoPay.
  • Implanted Chips – The Wisconsin company, Three Square Market, that implanted microchips in their employees last summer also made an appearance. No batteries, pins, or passwords are needed to make a payment.

Digital Currencies and Blockchain

  • Steve Wozniak thinks Bitcoin is better than both gold and the US dollar because it cannot be diluted. Bitcoin is more mathematical than gold because it’s regulated and “nobody can change mathematics.”
  • Both bitcoin and blockchain have the potential to help financial inclusion, but there have been questions if the technology is there yet. One reason is performance. No public blockchain can match the 1,000 or more transactions per second of real-time domestic payment systems.
  • Not everyone was skeptical of these new financial solutions. Christine Duhaime, founder of the Digital Finance Institute, a Canadian fintech think tank, was all for it. For countries, such as Afghanistan, where exchanging money is dangerous and financial services are limited, bitcoin can be a safer option.

“It allows access to capital for Joe Average on the street, said Christine Duhaime, founder of the Digital Finance Institute. “It could be a farmer, it could be a billionaire – it doesn’t matter. You skip the markets, you skip the infrastructure, you get access to capital.”

Uber’s Credit Card

  • Backed by Barclays bank, Uber’s new no fee credit card adds tracking and rewards directly into the Uber app. Rewards range from such as 4% percent back on dining, 3% on travel, 2% of online purchases and 1% cash back on other transactions.
  • So what’s the catch? Lack of consumer data privacy could be one. Uber has had past issues with tracking unaware customers’ locations with God View.
  • Starting November 2, Uber will give users the option to get the card right in-app or online.

Augmented Reality Shopping  

  • Mastercard showed fashionistas the future of retail complete with an AR-based shopping experience. Shoppers could see digital representations of products through ODG’s sleek smart glasses before purchase and learn about options that are not available in stores.
  • To pay for your new clothes and accessories, Qualcomm’s technology and iris authentication allows users to select a card from their Mastercard Masterpass-enabled wallet to pay. Items could be shipped either to stores or your home for pick-up.