5 Tips for Executing a Great Newsjack

5 KEYS TO A GREAT NEWSJACK
How One PR Pro Used Common Tools to
Execute a Newsjack & Win Huge Media
Coverage
ANTHONY HARDMAN
SecureState Public Relations Expert

Anthony Hardman
Public Relations Expert,
SecureState
@ahardman
www.linkedin.com/in/anthonyhardman
@SecureState

THE KEY TO NEWSJACKING
Anthony Hardman, SecureState Public Relations Expert

SecureState is a global management consulting firm
focused on information security, and is one of just 11
companies authorized to investigate credit card holder
data breaches.
The significant data breaches suffered by leading
retailers at the end of 2013 generated significant news
coverage and represented an important opportunity for
SecureState.
Anthony Hardman is the company’s only public relations
employee. Here is how he pulled off an amazing
newsjack with common PR tools – all by himself.


Focus on standing out.

“The first key to earning media
attention is determining what
you can add to the story that no
one else is talking about.”


Start with the people you know.
“I pulled up all my media contacts
who I thought would be interested
in the story and started making
phone calls. When you have an
existing relationship with a
reporter, it’s okay to call.”

In under 30 minutes, two TV stations
had committed to on-site interviews,
and one of them also booked an instudio interview for that night’s
newscast.


Target confirmed to ABC News Friday that the additional personal information discovered stolen
in the pre-Christmas breach "was obtained through the normal course of Target's business,"
which is to say both in-store and online.
Ken Stasiak, CEO of information-based security firm Secure State, said it's common to see
security breaches at retailers right before and after the holiday season. Stasiak said companies
often don't want to add security to their payment system if it hinders customers from making a
purchase.
"They don't want the system to go down," for security reasons, said Stasiak. "They want the
money if the security gets more lax during the busy season, it's just the fact of the matter."
Stasiak said that customers with compromised credit cards can almost always have fraudulent
charges removed and be issued a new card. The real headache comes when additional data
about a customer is stolen and identity theft becomes an issue.


Mine your media database.
“The next step was firing up my
Agility media database and
creating a targeted list of
contacts to whom I could
distribute my pitch.”


“In cases where time is
limited,such as a
newsjack, a mass email is
appropriate …but be
selective about the
recipients.”

The emails sent to the lists
created in the Agility platform
resulted in coverage in the
LA Times, numerous trade
publications and an interview for
SecureState’s CEO on PBS
NewsHour.

Target disclosed the security breach Thursday, saying the thieves had purloined customer
names, card numbers and a security code encrypted in the magnetic strip. The theft enables
the culprits to make phony credit cards, make fraudulent purchases or siphon money from
bank accounts.

The data breach underscored the evolving sophistication of cybercriminals and the persistent
vulnerability of retailers and consumers despite dozens of past incidents at major retailers.
“How do you get 40 million credit cards and no one knows about it?” said Ken
Stasiak, chief executive of SecureState, which investigates cybercrimes. “That's a hell of
a lot of credit cards. There should have been someone inside the company who spotted this
much sooner.”
The Target attack appeared to be well thought out and executed with great precision.
The Minneapolis retailer said the hack occurred between Nov. 27, just before the annual
holiday shopping frenzy, and Dec. 15. The breach affects people who bought goods at any of
Target's 1,797 stores nationwide, but doesn't affect those who made purchases online.


Respond to journalist queries.

“I knew I had struck media
relations gold when I
responded to a query on
ProfNet from the Associated
Press.”

The resulting story - Tips for Consumers
Worried about the Target Breach - hit the
AP national wire, and was picked up in
media outlets from coast to coast.


Q: How did the breach occur?
A: Target isn‟t saying how it happened. Industry experts note that companies such as Target spend
millions of dollars each year on credit card security, making a theft of this magnitude particularly
alarming.
Experts disagree about how the breach might have happened.
Avivah Litan, a security analyst with Gartner Research, says given all the security, she believes the
breach may have been an inside job.
But thefts of this size are too big to be the work of company employees, says Ken Stasiak, founder
and CEO of Secure State, a Cleveland-based information security firm that investigates data
breaches like this one. Stasiak says that such breaches are generally perpetrated by organized crime or
an overseas, state-sponsored hacker group.
Stasiak‟s theory is that the hackers were able to breach Target‟s main information hub and then wrote a
code that gave them access to the company‟s point of sale system and all of its cash registers. That
access allowed the hackers to capture the data from shoppers‟ cards as they were swiped.
James Lyne, global head of security research for the computer security firm Sophos, says something
clearly went wrong with Target‟s security measures.
„„Forty million cards stolen really shows a substantial security failure,‟‟ he says. „„This shouldn‟t have
happened.‟‟


Experts disagree about how the breach might have happened.
Avivah Litan, a security analyst with Gartner Research, says given all the security, she believes
the breach may have been an inside job.

But thefts of this size are too big to be the work of company employees, says Ken
Stasiak, founder and CEO of Secure State, a Cleveland-based information security firm that
investigates data breaches like this one. Stasiak says that such breaches are generally
perpetrated by organized crime or an overseas, state-sponsored hacker group.
Stasiak's theory is that the hackers were able to breach Target's main information hub and then
wrote a code that gave them access to the company's point of sale system and all of its cash
registers. That access allowed the hackers to capture the data from shoppers' cards as they
were swiped.


Q: How did this happen?

A: Target has said that the breach was caused by malware that affected its U.S. stores.
Ken Stasiak, founder and CEO of SecureState, a Cleveland-based information security firm
that investigates data breaches like this one, says it's likely that the perpetrators infiltrated
Target's main information hub with malware and from there were able to access the store pointof-sale systems. Once the malware was in the POS systems, it could collect credit and debit
card numbers as the cards were swiped.
Stasiak notes that retailers routinely collect personal information such as addresses, emails
and phone numbers through things such as rewards cards when sales are made, so that
information is also contained on POS systems just like credit card numbers.


Leveraged owned media.
“Two internal experts wrote
related blog posts. I published
and promoted them through
every channel I could, which
included social media and a news
release promoting the content.”

The news releases SecureState has
issued are the second-largest
referrer of visitors to the company’s
web site, behind search engines.


“When you’re one person, you have
to be agile and you have to use what
you have.” – Anthony Hardman
For an in-depth discussion of Anthony’s
tactical approach, read our related blog
post:
5 Tips for Pulling Off a Newsjack with
Common PR Tools

http://www.prnewswire.com/products-services/agility/


5 Tips for Executing a Great Newsjack

5 Tips for Executing a Great Newsjack

More Related Content

What's hot

Viewers also liked

Similar to 5 Tips for Executing a Great Newsjack

More from prnewswire

Recently uploaded

5 Tips for Executing a Great Newsjack