When should cyber security vendors change their PR agencies?

There comes a point in some professional relationships when things aren’t working out because one of the partners isn’t living up to expectations, and the other is thinking: “Is this really worth it?”. The aggrieved party will have a few options as to a way forward – change partners, stick with their partner and demand changes, or just carry on with the status quo in the hope that things will improve. Hopefully most people would plump for choice one or two. However, in the world of PR it would appear that an alarming number of decision-makers settle on choice three.

A recent éclat survey of PR and marketing decision makers working for cyber security vendors found that many were not getting the service they deserved from their agencies. Astonishingly, half (50 percent) said that their account team was either average or below with a patchy or poor understanding of the cyber security industry. It’s hard to believe that so many companies are happy to settle for middle of the road. So, what should they be expecting from their agencies?

Measuring up

The number one demand firms should be making of their PR and marketing agencies is for metrics that can show the ROI they are generating. Our survey showed that one third of companies didn’t have any measurable goals in place for their PR agencies. That is bizarre. How can anyone know they are succeeding if they have no key metrics? There is a school of thought that PR is not measurable, but that is a disservice to the profession. Any agency should be pushing for clear objectives against which they can demonstrate performance and even justify further investment.

For example, if a client’s goal is to become a thought leader in cyber security, an effective method of measuring this is share of voice in the media compared to competitors. Other examples include evaluating coverage against competitors on thought leadership topics, or in tier one titles, or analysing sentiment of coverage – as we all know it’s not just about quantity but also quality of coverage. It’s also important to measure impact on website traffic as there is usually a correlation with the publication of important articles in high profile media. These metrics will need to be taken before the campaign and during it on a regular basis, ideally quarterly, to show what improvement has been achieved.

Focus on objectives, not time spent

More than half (53 percent) of those surveyed said that their PR agencies don’t proactively come up with new initiatives to generate coverage on a regular basis. This is likely to be due to the fact many agencies rely on tactical PR. PR agencies have moved from issuing press releases to responding to breaking news as the primary means of generating coverage. However, this can result in the agency becoming reactive, which means that the client ends up following the conversation rather than directing it. It goes without saying that you cannot become a thought leader if you are not actually leading.

Another factor is that many agencies offer contracts based on time quotas rather than meeting objectives, meaning they will carry out tasks just to fulfil their time allocation. As such it is not in their interest to come up with new ideas. This is clearly a flawed system in regard to desired outcomes for clients. Instead of looking for an agency that charges on time and effort, cyber security decision makers should look for one that is focussed on achieving objectives and outcomes and, like éclat, offers a Payment-by-Results business model that links payment with hitting targets

Appreciating the business, knowing the industry

A real telling indictment of how marketeers feel about the level of satisfaction with their incumbent agency, is would they choose to appoint them again if they moved to another company in the sector. Our survey showed that only a third (37 percent) would definitely reappoint. That is quite an eye opener and makes you wonder why the remaining two-thirds are still with their agencies. So, why aren’t more businesses changing agencies? For many it could be a case of better the devil you know. Maybe they are not happy with how their agency is performing, but if they change it could be worse.

There are instances where this could be the case particularly if they don’t carefully evaluate the failure for the partnership on both the client and agency side and draw up a clear specification of the skills experience and type of agency they want to work with moving forward. It’s also important to look internally within your own company to see if you are upholding your part of the bargain. Ultimately, PR is a partnership and if the client is not sharing the latest news and views from within the company that could be compromising the success of the programme.

In selecting a new agency it’s important to determine the level of cybersecurity industry knowledge and contacts you want the agency to have. As our survey showed six in 10 (61%) lacked a good understanding of the sector. In this case, the agency will find it hard to suggest campaign ideas as it will not be on top of what is topical and newsworthy in the sector. Only a specialist can do this.

Size of agency can also be an important consideration in choosing a new partner.  Our survey showed that only three out of 10 businesses felt they were one of their agency’s most important clients. So, it’s important to determine the correct level of investment to achieve your goals and also to ensure that you will get the mindshare of the agency’s senior management.   Being a small fish in a big agency pond is seldom a recipe for success!

Should you stay or should you go?

In the event that a client is not happy, they have to feed this back to the agency if they want the situation to improve. The agency and partner should look to put in place steps to remediate any shortcomings which must be measurable so that success or failure can be easily determined. There should be an expectation that these are achieved within a specific time period, such as a quarter. If there is no marked improvement, then the business should seek out a new agency.

In a nutshell, cyber security firms need PR and marketing agencies that are going to proactively increase awareness about their brands in order to drive sales. This can only be achieved by employing agencies that have the right knowledge and experience and are able to quantifiably demonstrate the difference they are making to the perception of the company. If a current agency is unable to do this, then it is time to move onto pastures  new.

Check out the Code Red podcast to hear an example of why a cyber security vendor changed their PR agency.

Our Insights

Two in Three Marketing Decision Makers at Cyber Security Vendors Would Consider Not Reappointing their Current PR Agency Finds New Survey