Security companies excel at explaining complex technologies but often struggle to reach broader audiences. But there are fascinating stories hidden behind coded language and technical jargon.

Even though it happened over 10 years ago, I still remember hackers breaking into Target’s network and stealing customers' financial and personal data using a heating and air conditioning company’s access credentials. Despite the serious nature of the crime—Target’s CEO eventually resigned over it—the whole thing had sort of an Ocean’s 11 feel to it. 

Another memorable hack struck closer to home for many of us who enjoy gaming. In April 2011, hackers orchestrated what became one of gaming's most notorious security breaches, bringing down Sony's PlayStation Network and exposing personal data from 77 million user accounts. The attackers exploited network vulnerabilities to steal everything from usernames to credit card details, forcing Sony to shut down PSN for an agonizing month. 

It was a harsh wake-up call for gamers that our virtual worlds weren't as secure as we thought. Our team members still remember the frustration of not being able to play online games during that time and again when hackers targeted both PlayStation and Xbox networks on Christmas Day 2014, turning new consoles into expensive paperweights if you desire to play online games. These attacks showed that cybersecurity isn't just about protecting traditional targets like banks, critical infrastructure, and government agencies—it's about safeguarding the services, businesses, and experiences that bring joy to millions of people.

One of our clients, Anetac, does a great job of showing the human side of cybersecurity. A report they released last year revealed some alarming facts about service accounts, otherwise known as non-human identities. These automated accounts are used by applications and systems to perform actions, access data, and run processes. Three out of four respondents said those accounts directly accessed the company’s most valuable assets. An equal amount blurred critical security lines by mixing human and computer accounts.

Those numbers are shocking enough, but Anetac found ways to drive the point home in relatable terms. One organization discovered a 34-year-old service account created by a long-retired employee with credentials that could still access critical systems. An administrator used a service account to automate texts to three different partners about when he would see them. Another admin used a service account to order pizza for groups of developers.

Think Outside the Box—Creativity and Fun is your Friend 

The most compelling security narratives often emerge from unexpected places. Sometimes, it's an automated service account primarily used to order pizza for the office outside the bounds of company policy or a smart TV that becomes an entry point for network attacks. By helping companies uncover and tell these stories, we're not just explaining technology—we're showing how security touches every aspect of modern life.

Finding the Gold

As PR professionals, we bridge the gap between technical capabilities and real-world impact. Review materials and coverage to identify opportunities where technical achievements reveal compelling human stories, business outcomes, or societal implications.

Breaking into mainstream media means positioning security expertise where it matters most—explaining how vulnerabilities affect healthcare providers' ability to treat patients, why retail breaches endanger consumer trust, or how supply chain attacks disrupt business operations. Security companies capture broader attention when they focus on impact over technical specifications.

For example, when Log4j vulnerabilities threatened millions of systems worldwide, one company compared it to leaving your house key under the doormat—a simple analogy that helped business leaders understand the risk.

Making It Happen

The key to success lies in preparation. Teams should create rapid response systems for news events, develop clear speaking points for executives and build relationships with business reporters who appreciate security's broader implications. They should also look for ways to package technical findings into accessible narratives that maintain accuracy while simplifying language.

Success means expanding beyond security publications into mainstream business media. When security companies connect their expertise to real business challenges, they transform from technical vendors into trusted business advisors.

Security companies are responsible for protecting our digital world. Our job is to help them tell stories that make that mission matter to everyone. In today's connected world, cybersecurity isn't just a technical challenge—it's a safety necessity with a human story waiting to be told.